Linux Kernel Double Free Vulnerability in DSA Felix Driver

Vulnerability

A vulnerability has been addressed in the Linux kernel's stable branch, specifically within the DSA (Distributed Switch Architecture) Felix driver. The issue involved an unnecessary reference count decrement of a child node, which could lead to the node being released twice. This double release could cause a resource leak or other unforeseen problems. The vulnerability was present in the 'felix_parse_ports_node' function of the 'drivers/net/dsa/ocelot/felix.c' file.
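The pattern described above, as an added userspace model that is not the kernel's or the driver's code. The node type, the helper names, the three sample nodes and the assumption that the loop helper already drops the reference it takes on each child are all constructed for illustration.

```c
#include <stdio.h>
/* Constructed stand-in for a reference-counted child node (hypothetical type). */
struct node {
    int refcount;   /* references currently held */
    int releases;   /* times the release path ran; more than 1 is a double free */
};

static void node_get(struct node *n) { n->refcount++; }

/* Drop one reference; the release path runs whenever no reference remains. */
static void node_put(struct node *n)
{
    if (n->refcount > 0)
        n->refcount--;
    if (n->refcount == 0)
        n->releases++;
}

/* Assumption: the loop helper takes a reference before the body runs and drops
 * it when advancing. extra_put models a body that also drops that reference. */
static void walk_children(struct node *kids, int n, int extra_put)
{
    for (int i = 0; i < n; i++) {
        node_get(&kids[i]);          /* helper takes its reference */
        if (extra_put)
            node_put(&kids[i]);      /* unnecessary decrement in the body */
        node_put(&kids[i]);          /* helper drops its reference */
    }
}

/* Returns how many nodes were released more than once over their lifetime. */
int count_double_releases(int extra_put)
{
    struct node kids[3] = { {1, 0}, {1, 0}, {1, 0} };  /* parent holds 1 ref each */
    int doubles = 0;
    walk_children(kids, 3, extra_put);
    for (int i = 0; i < 3; i++) {
        node_put(&kids[i]);          /* parent teardown drops the last reference */
        if (kids[i].releases > 1)
            doubles++;
    }
    return doubles;
}

int main(void)
{
    printf("balanced: %d, extra put: %d\n",
           count_double_releases(0), count_double_releases(1));
    return 0;
}
```

In the balanced walk each node is released once, at teardown; with the extra decrement the count reaches zero while the parent still holds its reference, so teardown releases the node a second time.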

Impact

Exploitation of this vulnerability could lead to a double free condition, causing a resource leak or other unexpected issues.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability. The patched version can be downloaded from the Linux kernel stable tree.

Added: Sep 15, 2025, 3:13 PM
Updated: Sep 15, 2025, 9:10 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.3
remediation: 7.7
relevance: 0.5
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.