5.5

CVE-2025-71163

dmaengine: idxd: fix device leaks on compat bind and unbind

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: fix device leaks on compat bind and unbind

Make sure to drop the reference taken when looking up the idxd device as
part of the compat bind and unbind sysfs interface.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 5.15.199
LinuxLinux Kernel Version >= 5.16 < 6.1.162
LinuxLinux Kernel Version >= 6.2 < 6.6.122
LinuxLinux Kernel Version >= 6.7 < 6.12.67
LinuxLinux Kernel Version >= 6.13 < 6.18.7
LinuxLinux Kernel Version6.19 Updaterc1
LinuxLinux Kernel Version6.19 Updaterc2
LinuxLinux Kernel Version6.19 Updaterc3
LinuxLinux Kernel Version6.19 Updaterc4
LinuxLinux Kernel Version6.19 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.091
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/0c97ff108f825a70c3bb29d65ddf0a013d231bb9
Patch
https://git.kernel.org/stable/c/a7226fd61def74b60dd8e47ec84cabafc39d575b
Patch
https://git.kernel.org/stable/c/799900f01792cf8b525a44764f065f83fcafd468
Patch
https://git.kernel.org/stable/c/c81ea0222eaaafdd77348e27d1e84a1b8cfc0c99
Patch
https://git.kernel.org/stable/c/b2d077180a56e3b7c97b7517d0465b584adc693b
Patch
https://git.kernel.org/stable/c/b7bd948f89271c92d9ca9b2b682bfba56896e959
Patch