Wind River Support Network

Acknowledged

LIN1022-17987 : Security Advisory - linux - CVE-2025-39847

Created: Sep 21, 2025    Updated: Sep 23, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

ppp: fix memory leak in pad_compress_skb

If alloc_skb() fails in pad_compress_skb(), it returns NULL without
releasing the old skb. The caller does:

    skb = pad_compress_skb(ppp, skb);
    if (!skb)
        goto drop;

drop:
    kfree_skb(skb);

When pad_compress_skb() returns NULL, the reference to the old skb is
lost and kfree_skb(skb) ends up doing nothing, leading to a memory leak.

Align pad_compress_skb() semantics with realloc(): only free the old
skb if allocation and compression succeed. At the call site, use the
new_skb variable so the original skb is not lost when pad_compress_skb()
fails.
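The ownership rule described above can be checked with a small userspace model. This is an added example, not the kernel patch or Wind River code: `struct buf`, `buf_alloc()`, `buf_free()`, `pad_compress_model()` and `send_one()` are assumed stand-ins, and the allocation failure is injected artificially.

```c
#include <stdio.h>
/* Userspace stand-ins (assumed names) for sk_buff, alloc_skb(), kfree_skb(). */
struct buf { size_t len; };
static struct buf pool[8];              /* static slots, reused round-robin */
static int next_slot, live, fail_next;  /* live = allocated and not yet freed */

static struct buf *buf_alloc(size_t len)
{
    if (fail_next) { fail_next = 0; return NULL; }  /* constructed fault injection */
    live++;
    pool[next_slot % 8].len = len;
    return &pool[next_slot++ % 8];
}
static void buf_free(struct buf *b) { if (b) live--; }  /* NULL is a no-op */

/* realloc()-style contract: NULL on failure with 'old' left untouched;
 * on success 'old' is released and the replacement is returned. */
static struct buf *pad_compress_model(struct buf *old)
{
    struct buf *new_buf = buf_alloc(old->len + 4);
    if (new_buf)
        buf_free(old);
    return new_buf;
}

static int send_one(int fixed, int inject_failure)  /* returns buffers still allocated */
{
    live = 0;
    struct buf *new_skb, *skb = buf_alloc(64);
    fail_next = inject_failure;
    if (fixed) {
        new_skb = pad_compress_model(skb);
        if (!new_skb)
            goto drop;                  /* skb still names the original buffer */
        skb = new_skb;
    } else {
        skb = pad_compress_model(skb);  /* NULL overwrites the only reference */
        if (!skb)
            goto drop;
    }
drop:
    buf_free(skb);                      /* old call site: frees NULL, original leaks */
    return live;
}

int main(void)
{
    printf("leaked, old call site: %d; new call site: %d\n", send_one(0, 1), send_one(1, 1));
    return 0;
}
```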