Memory Leak Vulnerability in Linux Kernel Affecting Memory Control Groups
CVE-2025-38258
What is CVE-2025-38258?
A memory leak vulnerability in the Linux kernel allows users to leak kernel memory through improper handling of allocated buffers in the memory control group (memcg) path. When users write data continuously to the memcg_path file in the DAMON sysfs interface, previously allocated memory buffers are not properly deallocated, leading to an increased risk of memory leaks. The affected function, memcg_path_store(), fails to free old buffers when new data is assigned, which could be exploited to compromise system memory and stability.
Affected Version(s)
Linux 7ee161f18b5da5170b5d6a51aace49d312099128 < 490a43d07f1663d827e802720d30cbc0494e4f81
Linux 7ee161f18b5da5170b5d6a51aace49d312099128
Linux 7ee161f18b5da5170b5d6a51aace49d312099128 < 4a158ac0538dd5695eeaa00aa0720d711f3e4ef1