CVE-2025-38565
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-19

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed reference counter. But nothing undoes this as perf_mmap_close() is never called in this case, which causes another reference count leak. Return early on failure to prevent that.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-19
Last Modified
2025-11-03
Generated
2026-05-07
AI Q&A
2025-08-19
EPSS Evaluated
2026-05-05
NVD
CVE-2025-38565
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel 5.10.244
linux linux_kernel 6.1.153
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's perf subsystem. When the function perf_mmap() fails to allocate a buffer, it still calls the event_mapped() callback, which on X86 systems can increase a reference counter (perf_rdpmc_allowed). However, because perf_mmap_close() is never called in this failure case, the reference counter is not decremented, causing a reference count leak. The fix involves returning early on failure to prevent this leak.


How can this vulnerability impact me? :

The vulnerability can lead to a reference count leak in the Linux kernel's perf subsystem. Over time, this leak could cause resource exhaustion or instability in the kernel, potentially affecting system performance or reliability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart