CVE-2025-38015
Analyzed - Analysis Complete
BaseFortify

Publication date: 2025-06-18

Last updated on: 2025-12-17

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: fix memory leak in error handling path of idxd_alloc

Memory allocated for idxd is not freed if an error occurs during idxd_alloc(). To fix it, free the allocated memory in the reverse order of allocation before exiting the function in case of an error.

Meta Information
Published: 2025-06-18
Last Modified: 2025-12-17
Generated: 2026-05-07
AI Q&A: 2025-06-18
EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Showing 11 associated CPEs

| Vendor | Product | Version / Range |
| --- | --- | --- |
| linux | linux_kernel | From 6.0.9 (inc) to 6.1.140 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.6.92 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.30 (exc) |
| linux | linux_kernel | From 6.13 (inc) to 6.14.8 (exc) |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | 6.15 |
| debian | debian_linux | 11.0 |

| CWE ID | Description |
| --- | --- |
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |

AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a memory leak in the Linux kernel's dmaengine idxd driver. Specifically, when an error occurs during the idxd_alloc() function, the memory that was allocated is not properly freed, leading to a memory leak. The fix involves freeing the allocated memory in the reverse order of allocation before exiting the function when an error happens.
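
The reverse-order unwind described above, as an added example that is not code from the kernel or from this page: a userspace C model that injects an allocation failure and counts what each version leaves allocated. All names (`struct ctx`, `xalloc`, `ctx_alloc_leaky`, `ctx_alloc_fixed`) are hypothetical and the allocation sizes are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
/* Constructed userspace model; all names are hypothetical, not idxd's. */
static int live, calls, fail_at; /* outstanding allocs, alloc counter, alloc to fail */

static void *xalloc(size_t n) {
    void *p = (++calls == fail_at) ? NULL : calloc(1, n); /* injected failure */
    if (p) live++;
    return p;
}
static void xfree(void *p) { if (p) { live--; free(p); } }
struct ctx { unsigned long *bitmap; char *name; };

/* Before: error paths return without releasing earlier allocations. */
static struct ctx *ctx_alloc_leaky(void) {
    struct ctx *c = xalloc(sizeof(*c));
    if (!c) return NULL;
    if (!(c->bitmap = xalloc(64))) return NULL;   /* leaks c */
    if (!(c->name = xalloc(16))) return NULL;     /* leaks c and c->bitmap */
    return c;
}

/* After: unwind labels free in reverse order of allocation. */
static struct ctx *ctx_alloc_fixed(void) {
    struct ctx *c = xalloc(sizeof(*c));
    if (!c) return NULL;
    if (!(c->bitmap = xalloc(64))) goto err_free_ctx;
    if (!(c->name = xalloc(16))) goto err_free_bitmap;
    return c;
err_free_bitmap:
    xfree(c->bitmap);
err_free_ctx:
    xfree(c);
    return NULL;
}

/* Allocations still outstanding after allocation n is made to fail. */
static int leaked_on_failure(struct ctx *(*fn)(void), int n) {
    live = calls = 0; fail_at = n;
    struct ctx *c = fn();
    if (c) { xfree(c->name); xfree(c->bitmap); xfree(c); }
    return live;
}

int main(void) {
    for (int n = 1; n <= 3; n++)
        printf("fail at alloc %d: leaky=%d fixed=%d\n", n,
               leaked_on_failure(ctx_alloc_leaky, n), leaked_on_failure(ctx_alloc_fixed, n));
    return 0;
}
```

The later the failure occurs in the leaky version, the more earlier allocations are stranded; the unwind labels in the fixed version fall through so that each failure point releases exactly what was allocated before it.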


How can this vulnerability impact me?

The memory leak caused by this vulnerability can lead to increased memory usage and potentially degrade system performance or stability over time if errors occur frequently during idxd_alloc(). This could result in resource exhaustion or system crashes in environments relying on the affected Linux kernel component.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the dmaengine idxd memory leak issue. This fix ensures that allocated memory is properly freed in the error handling path of idxd_alloc().

