CVE-2025-38549

EPSS 0.02%
Veröffentlicht 16.08.2025 11:34:17
Zuletzt bearbeitet 18.08.2025 20:16:28
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths

When processing mount options, efivarfs allocates efivarfs_fs_info (sfi)
early in fs_context initialization. However, sfi is associated with the
superblock and typically freed when the superblock is destroyed. If the
fs_context is released (final put) before fill_super is called—such as
on error paths or during reconfiguration—the sfi structure would leak,
as ownership never transfers to the superblock.

Implement the .free callback in efivarfs_context_ops to ensure any
allocated sfi is properly freed if the fs_context is torn down before
fill_super, preventing this memory leak.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 816d36973467d1c9c08a48bdffe4675e219a2e84

Version 5329aa5101f73c451bcd48deaf3f296685849d9c

Status affected

Version < e9fabe7036bb8be6071f39dc38605508f5f57b20

Version 5329aa5101f73c451bcd48deaf3f296685849d9c

Status affected

Version < 64e135f1eaba0bbb0cdee859af3328c68d5b9789

Version 5329aa5101f73c451bcd48deaf3f296685849d9c

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.7

Status affected

Version < 6.7

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.40

Status unaffected

Version <= 6.15.*

Version 6.15.8

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.048

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/816d36973467d1c9c08a48bdffe4675e219a2e84

https://git.kernel.org/stable/c/e9fabe7036bb8be6071f39dc38605508f5f57b20

https://git.kernel.org/stable/c/64e135f1eaba0bbb0cdee859af3328c68d5b9789

https://nvd.nist.gov/vuln/detail/CVE-2025-38549

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38549

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38549

EUVD