CVE-2025-38331
Analyzed Analyzed - Analysis Complete
BaseFortify

Publication date: 2025-07-10

Last updated on: 2025-12-19

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb->len to the "TOE/TSO" offloader and it will handle them. Without this quirk the driver becomes unstable and lock up and and crash. I do not know exactly why, but it is probably due to the TOE (TCP offload engine) feature that is coupled with the segmentation feature - it is not possible to turn one part off and not the other, either both TOE and TSO are active, or neither of them. Not having the TOE part active seems detrimental, as if that hardware feature is not really supposed to be turned off. The datasheet says: "Based on packet parsing and TCP connection/NAT table lookup results, the NetEngine puts the packets belonging to the same TCP connection to the same queue for the software to process. The NetEngine puts incoming packets to the buffer or series of buffers for a jumbo packet. With this hardware acceleration, IP/TCP header parsing, checksum validation and connection lookup are offloaded from the software processing." After numerous tests with the hardware locking up after something between minutes and hours depending on load using iperf3 I have concluded this is necessary to stabilize the hardware.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-10
Last Modified
2025-12-19
Generated
2026-05-27
AI Q&A
2025-07-10
EPSS Evaluated
2026-05-25
NVD
CVE-2025-38331
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 4.16 (inc) to 6.1.142 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.95 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.35 (exc)
linux linux_kernel From 6.13 (inc) to 6.15.4 (exc)
debian debian_linux 11.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's ethernet cortina driver where the hardware accelerator for TCP offloading (TOE/TSO) is not properly used for all TCP frames. Without enabling both TOE and TSO features together, the driver becomes unstable, leading to hardware lockups and crashes. The issue arises because the hardware expects both features to be active simultaneously, and turning off TOE while keeping TSO active causes instability. The fix ensures that the hardware accelerator processes all TCP frames correctly to maintain stability.


How can this vulnerability impact me? :

If this vulnerability is present, the ethernet driver can become unstable and cause the hardware to lock up or crash after some time depending on network load. This can lead to system instability, network outages, and potential downtime, affecting the reliability of systems using the affected Linux kernel driver.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, ensure that both TOE (TCP Offload Engine) and TSO (TCP Segmentation Offload) features are enabled together on the affected network driver (cortina) in the Linux kernel. Disabling one without the other can cause hardware instability, lockups, and crashes. Applying the kernel update that includes this fix or configuring the driver to use TOE/TSO on all TCP frames is recommended to stabilize the hardware.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart