Memory Leak Vulnerability in Linux Kernel Affecting Video Device Allocation
CVE-2025-38228

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-38228?

A memory leak vulnerability exists in the Linux kernel related to the video device allocation process. Specifically, the e5010_probe() function can lead to memory not being properly released when video_device_alloc() encounters an error. The addition of video_device_release() ensures that allocated memory is effectively freed under failure conditions, mitigating potential resource exhaustion and improving overall system stability.

Affected Version(s)

Linux a1e2940458853d00c178c842c889e4ae3ef5eaec < 2a2bd7df402decbdefd0acb64ba4e17a0a2a4117

Linux a1e2940458853d00c178c842c889e4ae3ef5eaec

Linux a1e2940458853d00c178c842c889e4ae3ef5eaec < 609ba05b9484856b08869f827a6edee51d51b5f3

References

https://git.kernel.org/stable/c/2a2bd7df402decbdefd0acb64...

https://git.kernel.org/stable/c/fac3b9a91fa099d9bad296481...

https://git.kernel.org/stable/c/609ba05b9484856b08869f827...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 4, 2025
Vulnerability Reserved
Apr 16, 2025