Vulnerability Database

321,593

Total vulnerabilities in the database

CVE-2025-39847

In the Linux kernel, the following vulnerability has been resolved:

ppp: fix memory leak in pad_compress_skb

If alloc_skb() fails in pad_compress_skb(), it returns NULL without releasing the old skb. The caller does:

skb = pad_compress_skb(ppp, skb); if (!skb) goto drop;

drop: kfree_skb(skb);

When pad_compress_skb() returns NULL, the reference to the old skb is lost and kfree_skb(skb) ends up doing nothing, leading to a memory leak.

Align pad_compress_skb() semantics with realloc(): only free the old skb if allocation and compression succeed. At the call site, use the new_skb variable so the original skb is not lost when pad_compress_skb() fails.

  • Published: Sep 19, 2025
  • Updated: Jan 21, 2026
  • CVE: CVE-2025-39847
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
linux / linux_kernel 2.6.15 5.4.299
linux / linux_kernel 5.5 5.10.243
linux / linux_kernel 5.11 5.15.192
linux / linux_kernel 5.16 6.1.151
linux / linux_kernel 6.2 6.6.105
linux / linux_kernel 6.7 6.12.46
linux / linux_kernel 6.13 6.16.6
linux / linux_kernel 6.17-rc1 6.17-rc1.x
linux / linux_kernel 6.17-rc2 6.17-rc2.x
linux / linux_kernel 6.17-rc3 6.17-rc3.x
linux / linux_kernel 6.17-rc4 6.17-rc4.x
debian / debian_linux 11.0 11.0.x