CVE-2025-39695

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s RDMA/rxe subsystem related to the handling of SKB packets and RXE resources. Specifically, the issue occurs when skb packets are sent and still depend on RXE resources (like QP and sk). Releasing these resources while the packets are being destroyed can lead to call trace issues. To prevent packets from remaining in network devices for extended periods, a timestamp is added upon packet creation. If packets exceed a certain duration, the network device can free them to release the associated RXE resources.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

BDU:2025-15726

CVE-2025-39695

DSA-6008-1

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:03601-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3725-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

CVE-2025-39695

Weakness Enumeration

Related Identifiers

Affected Products

References · 1376