CVE-2025-39834
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow
When an invalid stc_type is provided, the function allocates memory for shared_stc but jumps to unlock_and_out without freeing it, causing a memory leak.
Fix by jumping to free_shared_stc label instead to ensure proper cleanup.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 504e536d90104c850731840d3fbc95acf251f11b < 051fd8576a2e4e95d5870c5c9f8679c5b16882e4 | affected |
| Linux | Linux | 504e536d90104c850731840d3fbc95acf251f11b < a630f83592cdad1253523a1b760cfe78fef6cd9c | affected |
| Linux | Linux | 6.12 | affected |
| Linux | Linux | 0 < 6.12 | unaffected |
| Linux | Linux | 6.16.5 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/051fd8576a2e4e95d5870c5c9f8679c5b16882e4
- https://git.kernel.org/stable/c/a630f83592cdad1253523a1b760cfe78fef6cd9c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.