Acknowledged
Created: Jul 11, 2025
Updated: Jul 14, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]net: ethernet: cortina: Use TOE/TSO on all TCP[EOL][EOL]It is desireable to push the hardware accelerator to also[EOL]process non-segmented TCP frames: we pass the skb->len[EOL]to the "TOE/TSO" offloader and it will handle them.[EOL][EOL]Without this quirk the driver becomes unstable and lock[EOL]up and and crash.[EOL][EOL]I do not know exactly why, but it is probably due to the[EOL]TOE (TCP offload engine) feature that is coupled with the[EOL]segmentation feature - it is not possible to turn one[EOL]part off and not the other, either both TOE and TSO are[EOL]active, or neither of them.[EOL][EOL]Not having the TOE part active seems detrimental, as if[EOL]that hardware feature is not really supposed to be turned[EOL]off.[EOL][EOL]The datasheet says:[EOL][EOL] "Based on packet parsing and TCP connection/NAT table[EOL] lookup results, the NetEngine puts the packets[EOL] belonging to the same TCP connection to the same queue[EOL] for the software to process. The NetEngine puts[EOL] incoming packets to the buffer or series of buffers[EOL] for a jumbo packet. With this hardware acceleration,[EOL] IP/TCP header parsing, checksum validation and[EOL] connection lookup are offloaded from the software[EOL] processing."[EOL][EOL]After numerous tests with the hardware locking up after[EOL]something between minutes and hours depending on load[EOL]using iperf3 I have concluded this is necessary to stabilize[EOL]the hardware.
CREATE(Triage):(User=admin) [CVE-2025-38331 (https://nvd.nist.gov/vuln/detail/CVE-2025-38331)
