PT-2025-20524 · Linux+5 · Linux Kernel+5

Published

2025-04-12

·

Updated

2026-05-26

·

CVE-2025-37874

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A memory leak issue has been identified in the Linux kernel, specifically in the ngbe probe() function. The leak occurs when the ngbe sw init() function is called, allocating memory for rss key in wx init rss key(), but this memory is not freed in the subsequent error paths. This issue could potentially lead to a double free for rss key if the mac table allocation fails in wx sw init(). The error is resolved by freeing the rss key in the error path along with mac table.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Double Free

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-415CWE-401

Related Identifiers

BDU:2025-12059
CVE-2025-37874
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu