CVE-2025-38590
net/mlx5e: Remove skb secpath if xfrm state is not found
References
Notes
carnil> Introduced in b2ac7541e377 ("net/mlx5e: IPsec: Add Connect-X IPsec Rx data path
carnil> offload"). Vulnerable versions: 5.9.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.17-rc1) [6d19c44b5c6dd72f9a357d0399604ec16a77de3c]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
N/A "Fixed before branching point"
|
| 6.16-upstream-stable |
released (6.16.1) [137b12a4900eb6971b889839eab6036f72cbb217]
|
| 6.15-upstream-stable |
released (6.15.10) [3a5782431d84716b66302b07ff1b32fea1023bd5]
|
| 6.12-upstream-stable |
released (6.12.42) [781a0bbf377443ef06f3248221f06cb555935530]
|
| 6.6-upstream-stable |
released (6.6.102) [314f568b84b01f6eac1e4313ca47f9ade4349443]
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
needed
|
| sid |
released (6.16.3-1)
|
| 6.12-trixie-security |
released (6.12.43-1)
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
needed
|
