Resource Leak Issue in Linux Kernel Associated with Queue Registration
CVE-2025-37980

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-37980?

A resource leak vulnerability exists within the Linux kernel during the queue registration process. Specifically, if the registration of a queue fails after a successful blk_mq_sysfs_register() call, the system fails to properly unregister certain resources, leading to a potential memory leak. The fix implements a necessary call to blk_mq_sysfs_unregister() during error handling, ensuring that any allocated resources are appropriately cleaned up, thus maintaining system stability and performance.

Affected Version(s)

Linux 320ae51feed5c2f13664aa05a76bec198967e04d < 549cbbd14bbec12469ceb279b79c763c8a24224e

Linux 320ae51feed5c2f13664aa05a76bec198967e04d < 41e43134ddda35949974be40520460a12dda3502

Linux 320ae51feed5c2f13664aa05a76bec198967e04d < 55a7bb2708f7c7c5b366d4e40916113168a3824c

References

https://git.kernel.org/stable/c/549cbbd14bbec12469ceb279b...

https://git.kernel.org/stable/c/41e43134ddda35949974be405...

https://git.kernel.org/stable/c/55a7bb2708f7c7c5b366d4e40...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 16, 2025