5.5

CVE-2025-22071

spufs: fix a leak in spufs_create_context()

In the Linux kernel, the following vulnerability has been resolved:

spufs: fix a leak in spufs_create_context()

Leak fixes back in 2008 missed one case - if we are trying to set affinity
and spufs_mkdir() fails, we need to drop the reference to neighbor.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.25 < 5.4.292
LinuxLinux Kernel Version >= 5.5 < 5.10.236
LinuxLinux Kernel Version >= 5.11 < 5.15.180
LinuxLinux Kernel Version >= 5.16 < 6.1.134
LinuxLinux Kernel Version >= 6.2 < 6.6.87
LinuxLinux Kernel Version >= 6.7 < 6.12.23
LinuxLinux Kernel Version >= 6.13 < 6.13.11
LinuxLinux Kernel Version >= 6.14 < 6.14.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.083
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/829bd6139968e2e759f3928cf65ad0db1e302fe3
Patch
https://git.kernel.org/stable/c/410c787d89c92df4215d7b1a338e2c1a8aba6b9b
Patch
https://git.kernel.org/stable/c/c4e72a0d75442237b6f3bcca10a7d81b89376d16
Patch
https://git.kernel.org/stable/c/a333f223e555d27609f8b45d75a08e8e1d36c432
Patch
https://git.kernel.org/stable/c/239ea3c34673b3244a499fd65771c47e5bffcbb0
Patch
https://git.kernel.org/stable/c/d04600f43569d48262e1328eaa1592fcefa2c19c
Patch
https://git.kernel.org/stable/c/5a90b699844a5bb96961e5892e51cc59255444a3
Patch
https://git.kernel.org/stable/c/4a7448c83e117ed68597952ecaede1cebc4427a7
Patch
https://git.kernel.org/stable/c/0f5cce3fc55b08ee4da3372baccf4bcd36a98396
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html