VDB

DEBIAN-CVE-2025-38148

DEBIAN-CVE-2025-38148 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the frame, so there is no reason to keep the skb anymore. As in this case the HW will never generate an interrupt to say that the frame was timestamped, then the frame will never released. Fix this by freeing the frame in case of one-step timestamping.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:11linux6.12.27-1, 6.19.11-1, 6.19.11-1
Debian:11linux-6.16.1.112-1, 6.1.106-3, 6.1.119-1
Debian:13linux0, 0
Debian:14linux0, 0
Debian:12linux6.1.69-1, 6.1.69-1~bpo11+1, 6.1.76-1

Timeline

  • Jul 3, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›