CVE-2025-39834

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow

When an invalid stc_type is provided, the function allocates memory for shared_stc but jumps to unlock_and_out without freeing it, causing a memory leak.

Fix by jumping to free_shared_stc label instead to ensure proper cleanup.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux504e536d90104c850731840d3fbc95acf251f11b < 051fd8576a2e4e95d5870c5c9f8679c5b16882e4affected
LinuxLinux504e536d90104c850731840d3fbc95acf251f11b < a630f83592cdad1253523a1b760cfe78fef6cd9caffected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.16.5 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References