Memory Management Issue in Linux Kernel Affects Media Drivers
CVE-2025-38225

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-38225?

A memory management vulnerability exists in the Linux kernel pertaining to the media driver subsystem. Specifically, improper handling of allocation failures can lead to uninitialized memory buffers and NULL pointer dereferences. If allocation failures are not adequately cleaned up, subsequent allocation processes may inaccurately report errors, resulting in application instability. The vulnerability underscores the importance of rigorous allocation error handling to maintain system reliability and integrity.

Affected Version(s)

Linux 2db16c6ed72ce644d5639b3ed15e5817442db4ba

Linux 2db16c6ed72ce644d5639b3ed15e5817442db4ba < 0ee9469f818a0b4de3c0e7aecd733c103820d181

Linux 2db16c6ed72ce644d5639b3ed15e5817442db4ba < 6d0efe7d35c75394f32ff9d0650a007642d23857

References

https://git.kernel.org/stable/c/ec26be7d6355a05552a0d0c1e...

https://git.kernel.org/stable/c/0ee9469f818a0b4de3c0e7aec...

https://git.kernel.org/stable/c/6d0efe7d35c75394f32ff9d06...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 4, 2025
Vulnerability Reserved
Apr 16, 2025