5.5

CVE-2025-38015

dmaengine: idxd: fix memory leak in error handling path of idxd_alloc

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: fix memory leak in error handling path of idxd_alloc

Memory allocated for idxd is not freed if an error occurs during
idxd_alloc(). To fix it, free the allocated memory in the reverse order
of allocation before exiting the function in case of an error.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.0.9 < 6.1.140
LinuxLinux Kernel Version >= 6.2 < 6.6.92
LinuxLinux Kernel Version >= 6.7 < 6.12.30
LinuxLinux Kernel Version >= 6.13 < 6.14.8
LinuxLinux Kernel Version6.15 Updaterc1
LinuxLinux Kernel Version6.15 Updaterc2
LinuxLinux Kernel Version6.15 Updaterc3
LinuxLinux Kernel Version6.15 Updaterc4
LinuxLinux Kernel Version6.15 Updaterc5
LinuxLinux Kernel Version6.15 Updaterc6
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.057
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/64afd9a1f644b27661420257dcc007d5009c99dd
Patch
https://git.kernel.org/stable/c/6e94a2c3e4c166cd2736ac225fba5889fb1e8ac0
Patch
https://git.kernel.org/stable/c/868dbce755ec92855362d213f47e045a8388361a
Patch
https://git.kernel.org/stable/c/4f005eb68890698e5abc6a3af04dab76f175c50c
Patch
https://git.kernel.org/stable/c/46a5cca76c76c86063000a12936f8e7875295838
Patch
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
Third Party Advisory