CVE-2025-38542 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix device refcount leak in atrtr_create() When updating an existing route entry in atrtr_create(), the old device reference was not being released before assigning the new device, leading to a device refcount leak. Fix this by calling dev_put() to release the old device reference before holding the new one.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/473f3eadfc73b0fb6d8dee5829d19a5772e387f7
https://git.kernel.org/stable/c/4a17370da6e476d3d275534e9e9cd2d02c57ca46
https://git.kernel.org/stable/c/64124cf0aab0dd1e18c0fb5ae66e45741e727f8b
https://git.kernel.org/stable/c/711c80f7d8b163d3ecd463cd96f07230f488e750
https://git.kernel.org/stable/c/a7852b01793669248dce0348d14df89e77a32afd
https://git.kernel.org/stable/c/b2f5dfa87367fdce9f8b995bc6c38f64f9ea2c90
https://git.kernel.org/stable/c/b92bedf71f25303e203a4e657489d76691a58119
https://git.kernel.org/stable/c/d2e9f50f0bdad73b64a871f25186b899624518c4

History

Sat, 16 Aug 2025 11:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix device refcount leak in atrtr_create() When updating an existing route entry in atrtr_create(), the old device reference was not being released before assigning the new device, leading to a device refcount leak. Fix this by calling dev_put() to release the old device reference before holding the new one.
Title		net: appletalk: Fix device refcount leak in atrtr_create()
References		https://git.kernel.org/stable/c/473f3eadfc73b0fb6d8dee5829d19a5772e387f7 https://git.kernel.org/stable/c/4a17370da6e476d3d275534e9e9cd2d02c57ca46 https://git.kernel.org/stable/c/64124cf0aab0dd1e18c0fb5ae66e45741e727f8b https://git.kernel.org/stable/c/711c80f7d8b163d3ecd463cd96f07230f488e750 https://git.kernel.org/stable/c/a7852b01793669248dce0348d14df89e77a32afd https://git.kernel.org/stable/c/b2f5dfa87367fdce9f8b995bc6c38f64f9ea2c90 https://git.kernel.org/stable/c/b92bedf71f25303e203a4e657489d76691a58119 https://git.kernel.org/stable/c/d2e9f50f0bdad73b64a871f25186b899624518c4

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-08-16T11:22:16.689Z

Updated: 2025-08-16T11:22:16.689Z

Reserved: 2025-04-16T04:51:24.024Z

Link: CVE-2025-38542

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-08-16T12:15:30.083

Modified: 2025-08-16T12:15:30.083

Link: CVE-2025-38542

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object