CVE-2025-39847

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ppp: fix memory leak in pad_compress_skb<br /> <br /> If alloc_skb() fails in pad_compress_skb(), it returns NULL without<br /> releasing the old skb. The caller does:<br /> <br /> skb = pad_compress_skb(ppp, skb);<br /> if (!skb)<br /> goto drop;<br /> <br /> drop:<br /> kfree_skb(skb);<br /> <br /> When pad_compress_skb() returns NULL, the reference to the old skb is<br /> lost and kfree_skb(skb) ends up doing nothing, leading to a memory leak.<br /> <br /> Align pad_compress_skb() semantics with realloc(): only free the old<br /> skb if allocation and compression succeed. At the call site, use the<br /> new_skb variable so the original skb is not lost when pad_compress_skb()<br /> fails.