Impact
The vulnerability originates in the XFRM IPComp implementation of the Linux kernel, where the allocated destination scatter‑gather list is not freed on certain error paths. When these errors occur, memory is left unreleased, potentially leading to a gradual accumulation of leaked pages. This represents a CWE‑772 (Unreleased Resource) weakness. The leak could eventually consume available RAM, causing kernel instability or a crash, which results in a denial‑of‑service condition. The flaw does not provide direct code‑execution or privilege escalation capabilities.
Affected Systems
Any Linux kernel that includes the XFRM IPComp subsystem before the fix is potentially affected. The CVE does not enumerate specific kernel releases, so all unpatched versions that still contain this legacy code are at risk.
Risk and Exploitability
The EPSS score remains < 1% and the vulnerability is not listed in the CISA KEV catalog. The CVSS score of 7.5 indicates high severity, confirming the description’s suggestion that triggering an IPComp error could lead to significant denial‑of‑service risk. Given that exploitation requires influencing the kernel’s error path—most likely through crafted IPComp packets—the attack surface is network‑based. The failure to free destination scatter‑gather pages constitutes a memory‑leak vulnerability (CWE‑772), so systems that handle IPComp traffic are at risk of exhausting kernel memory and crashing.
OpenCVE Enrichment