CVE-2025-68787

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> netrom: Fix memory leak in nr_sendmsg()<br /> <br /> syzbot reported a memory leak [1].<br /> <br /> When function sock_alloc_send_skb() return NULL in nr_output(), the<br /> original skb is not freed, which was allocated in nr_sendmsg(). Fix this<br /> by freeing it before return.<br /> <br /> [1]<br /> BUG: memory leak<br /> unreferenced object 0xffff888129f35500 (size 240):<br /> comm "syz.0.17", pid 6119, jiffies 4294944652<br /> hex dump (first 32 bytes):<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> 00 00 00 00 00 00 00 00 00 10 52 28 81 88 ff ff ..........R(....<br /> backtrace (crc 1456a3e4):<br /> kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]<br /> slab_post_alloc_hook mm/slub.c:4983 [inline]<br /> slab_alloc_node mm/slub.c:5288 [inline]<br /> kmem_cache_alloc_node_noprof+0x36f/0x5e0 mm/slub.c:5340<br /> __alloc_skb+0x203/0x240 net/core/skbuff.c:660<br /> alloc_skb include/linux/skbuff.h:1383 [inline]<br /> alloc_skb_with_frags+0x69/0x3f0 net/core/skbuff.c:6671<br /> sock_alloc_send_pskb+0x379/0x3e0 net/core/sock.c:2965<br /> sock_alloc_send_skb include/net/sock.h:1859 [inline]<br /> nr_sendmsg+0x287/0x450 net/netrom/af_netrom.c:1105<br /> sock_sendmsg_nosec net/socket.c:727 [inline]<br /> __sock_sendmsg net/socket.c:742 [inline]<br /> sock_write_iter+0x293/0x2a0 net/socket.c:1195<br /> new_sync_write fs/read_write.c:593 [inline]<br /> vfs_write+0x45d/0x710 fs/read_write.c:686<br /> ksys_write+0x143/0x170 fs/read_write.c:738<br /> do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]<br /> do_syscall_64+0xa4/0xfa0 arch/x86/entry/syscall_64.c:94<br /> entry_SYSCALL_64_after_hwframe+0x77/0x7f