CVE-2025-38331
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/07/2025
Last modified:
19/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: cortina: Use TOE/TSO on all TCP

It is desirable to push the hardware accelerator to also
process non-segmented TCP frames: we pass the skb->len
to the "TOE/TSO" offloader and it will handle them.

Without this quirk the driver becomes unstable and locks
up and crashes.

I do not know exactly why, but it is probably due to the
TOE (TCP offload engine) feature that is coupled with the
segmentation feature - it is not possible to turn one
part off and not the other, either both TOE and TSO are
active, or neither of them.

Not having the TOE part active seems detrimental, as if
that hardware feature is not really supposed to be turned
off.

The datasheet says:

"Based on packet parsing and TCP connection/NAT table
lookup results, the NetEngine puts the packets
belonging to the same TCP connection to the same queue
for the software to process. The NetEngine puts
incoming packets to the buffer or series of buffers
for a jumbo packet. With this hardware acceleration,
IP/TCP header parsing, checksum validation and
connection lookup are offloaded from the software
processing."

After numerous tests with the hardware locking up after
something between minutes and hours depending on load
using iperf3 I have concluded this is necessary to stabilize
the hardware.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.16 (including) | 6.1.142 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.95 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.35 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.15.4 (excluding) |
| cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | | |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1b503b790109d19710ec83c589c3ee59e95347ec
- https://git.kernel.org/stable/c/2bd434bb0eeb680c2b3dd6c68ca319b30cb8d47f
- https://git.kernel.org/stable/c/6a07e3af4973402fa199a80036c10060b922c92c
- https://git.kernel.org/stable/c/a37888a435b0737128d2d9c6f67b8d608f83df7a
- https://git.kernel.org/stable/c/ebe12e232f1d58ebb4b53b6d9149962b707bed91
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html



