CVE-2025-38546 – Linux ATM Clip VCC Memory Leak

August 16, 2025

CVE ID : CVE-2025-38546

Published : Aug. 16, 2025, 12:15 p.m. | 13 hours, 54 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

atm: clip: Fix memory leak of struct clip_vcc.

ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to
vcc->user_back.

The code assumes that vcc_destroy_socket() passes NULL skb
to vcc->push() when the socket is close()d, and then clip_push()
frees clip_vcc.

However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in
atm_init_atmarp(), resulting in memory leak.

Let’s serialise two ioctl() by lock_sock() and check vcc->push()
in atm_init_atmarp() to prevent memleak.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-38547 – Linux AXP717 ADC Channel Map Sentinel Vulnerability

Next Article CVE-2025-38545 – Cisco Linux Kernel Netdev Allocation Vulnerability

Highlights

CVE-2025-6122 – Code-projects Restaurant Order System SQL Injection

June 16, 2025

CVE ID : CVE-2025-6122

Published : June 16, 2025, 1:15 p.m. | 1 hour, 5 minutes ago

Description : A vulnerability, which was classified as critical, was found in code-projects Restaurant Order System 1.0. This affects an unknown part of the file /table.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

Your smart home device just got a performance and security boost for free

Ultrahuman brings advanced cycle and ovulation tracking to its smart ring

DistroWatch Weekly, Issue 1135

14 secret phone codes that unlock hidden features on your Android and iPhone

Air Quality Prediction System using Python ML

Air Quality Prediction System using Python ML

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

DistroWatch Weekly, Issue 1135

DistroWatch Weekly, Issue 1135

Ubuntu’s New “Dangerous” Daily Builds – What Are They?

gofmt – formats Go programs

CVE-2025-38546 – Linux ATM Clip VCC Memory Leak

CVE-2025-9090 – Tenda Telnet Service Command Injection

CVE-2025-9091 – Tenda AC20 Hard-Coded Credentials Vulnerability

Finally, I found an Android Auto adapter that’s highly functional, lag-free, and priced well

Usermode FTP Server – access your files from another device

Multi-Dimensional Vector Support in CocoIndex

Windows 10 vs Windows 11 Battery Life: Which OS Uses More Power?

CVE-2025-6122 – Code-projects Restaurant Order System SQL Injection

Multi-account support for Amazon SageMaker HyperPod task governance

CVE-2025-47162 – Microsoft Office Heap-based Buffer Overflow Vulnerability

Borderlands 4 drops stunning new story trailer

CVE-2025-38546 – Linux ATM Clip VCC Memory Leak

Related Posts