Linux Kernel Memory Leak Vulnerability in USB Networking Driver

Vulnerability

A vulnerability has been identified in the Linux kernel's USB networking driver for the smsc95xx chip. This issue arises because the packet length retrieved from the descriptor can exceed the actual length of the socket buffer. As a result, when the cloned socket buffer is passed up the network stack, it can inadvertently leak contents of kernel memory.

Impact

Exploitation of this vulnerability leads to unauthorized disclosure of kernel memory contents.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Memory Leak Vulnerability in USB Networking Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating