Memory Leak Vulnerability in Linux Kernel Affecting Memory Control Groups
CVE-2025-38258

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
9 July 2025

What is CVE-2025-38258?

A memory leak vulnerability in the Linux kernel allows users to leak kernel memory through improper handling of allocated buffers in the memory control group (memcg) path. When users write data continuously to the memcg_path file in the DAMON sysfs interface, previously allocated memory buffers are not properly deallocated, leading to an increased risk of memory leaks. The affected function, memcg_path_store(), fails to free old buffers when new data is assigned, which could be exploited to compromise system memory and stability.

Affected Version(s)

Linux 7ee161f18b5da5170b5d6a51aace49d312099128 < 490a43d07f1663d827e802720d30cbc0494e4f81

Linux 7ee161f18b5da5170b5d6a51aace49d312099128

Linux 7ee161f18b5da5170b5d6a51aace49d312099128 < 4a158ac0538dd5695eeaa00aa0720d711f3e4ef1

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38258 : Memory Leak Vulnerability in Linux Kernel Affecting Memory Control Groups