Linux Kernel Memory Leak Vulnerability in AM65 CPSW XDP Handling

Vulnerability

A memory leak vulnerability has been addressed in the Linux kernel's AM65 CPSW Ethernet driver, specifically related to the eXpress Data Path (XDP) functionality. The issue arose when the XDP program did not return XDP_PASS, leading to a leak of memory allocated for socket buffers (SKB) by the am65_cpsw_build_skb() function. This allocation was unnecessary before evaluating the XDP program's result, as it wasted CPU cycles in cases other than XDP_PASS. The vulnerability has been fixed by moving the SKB allocation to after the XDP program evaluation, thereby eliminating the memory leak and improving performance in XDP_DROP scenarios.

Impact

Exploitation of this vulnerability could lead to memory leaks, causing increased memory usage and potential performance degradation over time.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Memory Leak Vulnerability in AM65 CPSW XDP Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating