{"id":"CVE-2025-38546","summary":"atm: clip: Fix memory leak of struct clip_vcc.","details":"In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet's serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.","modified":"2026-03-20T12:42:54.898045Z","published":"2025-08-16T11:22:20.477Z","related":["SUSE-SU-2025:03204-1","SUSE-SU-2025:03272-1","SUSE-SU-2025:03283-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03310-1","SUSE-SU-2025:03314-1","SUSE-SU-2025:03344-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03383-1","SUSE-SU-2025:03384-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38546.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0c17ff462d98c997d707ee5cf4e4a9b1b52b9d90"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1c075e88d5859a2c6b43b27e0e46fb281cef8039"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1fb9fb5a4b5cec2d56e26525ef8c519de858fa60"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2fb37ab3226606cbfc9b2b6f9e301b0b735734c5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/62dba28275a9a3104d4e33595c7b3328d4032d8d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9e4dbeee56f614e3f1e166e5d0655a999ea185ef"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9f771816f14da6d6157a8c30069091abf6b566fb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cb2e4a2f8f268d8fba6662f663a2e57846f14a8d"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38546.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38546"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"2fb37ab3226606cbfc9b2b6f9e301b0b735734c5"},{"fixed":"9e4dbeee56f614e3f1e166e5d0655a999ea185ef"},{"fixed":"1c075e88d5859a2c6b43b27e0e46fb281cef8039"},{"fixed":"0c17ff462d98c997d707ee5cf4e4a9b1b52b9d90"},{"fixed":"1fb9fb5a4b5cec2d56e26525ef8c519de858fa60"},{"fixed":"9f771816f14da6d6157a8c30069091abf6b566fb"},{"fixed":"cb2e4a2f8f268d8fba6662f663a2e57846f14a8d"},{"fixed":"62dba28275a9a3104d4e33595c7b3328d4032d8d"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38546.json"}}],"schema_version":"1.7.5"}