CVE-2025-37872 in Linuxinfo

Summary

by MITRE • 05/09/2025

In the Linux kernel, the following vulnerability has been resolved:

net: txgbe: fix memory leak in txgbe_probe() error path

When txgbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in txgbe_probe() function, the subsequent error paths after txgbe_sw_init() don't free the rss_key. Fix that by freeing it in error path along with wx->mac_table.

Also change the label to which execution jumps when txgbe_sw_init() fails, because otherwise, it could lead to a double free for rss_key, when the mac_table allocation fails in wx_sw_init().

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 01/31/2026

The vulnerability CVE-2025-37872 represents a memory leak in the Linux kernel's txgbe network driver implementation that occurs during device probe operations. This issue specifically affects the txgbe_probe() function where proper error handling fails to release allocated memory resources, creating a persistent memory consumption problem that could degrade system performance over time. The flaw manifests when the network driver attempts to initialize hardware components but encounters errors during the process, leaving allocated memory in an unreleased state.

The technical root cause involves improper resource management within the txgbe driver's initialization sequence where memory allocation occurs for the rss_key field within the wx structure during the wx_init_rss_key() function call. When txgbe_sw_init() is invoked as part of the probe process, it allocates memory for wx->rss_key but subsequent error handling paths in txgbe_probe() fail to properly clean up this allocation. This creates a memory leak scenario where the allocated memory remains allocated even when the driver initialization fails and the function exits.

The vulnerability's operational impact extends beyond simple memory consumption as it represents a classic resource leak pattern that can compound over time, particularly in systems with frequent device initialization or hot-plug operations. The issue becomes more severe when considering that the error path management contains a secondary problem where the execution flow jumps to an incorrect label, potentially causing double-free conditions when the mac_table allocation also fails. This compound nature of the vulnerability increases the risk of system instability and unpredictable behavior.

This memory leak vulnerability maps to CWE-401: "Improper Release of Memory Before Removing Last Reference" and represents a failure in proper error handling and resource cleanup mechanisms. The ATT&CK framework categorizes this under T1484.001: "Privilege Escalation" through resource exhaustion attacks, where attackers could potentially leverage persistent memory leaks to exhaust system resources and cause denial of service conditions. The vulnerability affects systems running Linux kernel versions containing the txgbe driver implementation and requires kernel-level patching to resolve.

The recommended mitigation strategy involves applying the kernel patch that ensures proper memory cleanup in all error paths within txgbe_probe() function. The fix implements correct resource management by adding proper free() calls for wx->rss_key in error handling sections and correcting the label jumps to prevent double-free conditions. System administrators should prioritize updating their kernel versions to include this patch, particularly in production environments where network reliability and resource management are critical. Additionally, monitoring for memory usage patterns and implementing automated alerting for resource exhaustion conditions can help detect potential exploitation attempts or cumulative memory leak effects.

Responsible

Linux

Reservation

04/16/2025

Disclosure

05/09/2025

Moderation

accepted

CPE

ready

EPSS

0.00231

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!