5.5
CVE-2025-38409
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 23.12.2025 19:46:10
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm/msm: Fix another leak in the submit error path
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path put_unused_fd() doesn't free the installed file, if we've already done fd_install(). So we need to also free the sync_file. Patchwork: https://patchwork.freedesktop.org/patch/653583/
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.12 < 6.1.144
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.97
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.37
Linux ≫ Linux Kernel Version >= 6.13 < 6.15.6
Linux ≫ Linux Kernel Version6.16 Updaterc1
Linux ≫ Linux Kernel Version6.16 Updaterc2
Debian ≫ Debian Linux Version11.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.051 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/00b3401f692082ddf6342500d1be25560bba46d4
https://git.kernel.org/stable/c/30d3819b0b9173e31b84d662a592af8bad351427
https://git.kernel.org/stable/c/3f6ce8433a9035b0aa810e1f5b708e9dc1c367b0
https://git.kernel.org/stable/c/c40ad1c04d306f7fde26337fdcf8a5979657d93f
https://git.kernel.org/stable/c/f681c2aa8676a890eacc84044717ab0fd26e058f
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html