Cache Leak Vulnerability in Linux Kernel Affects ACPI Components
CVE-2025-38344

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 10 July 2025

What is CVE-2025-38344?

A cache leak was identified within the Linux kernel's ACPI subsystem, where the merging of cache objects for 'Acpi-State', 'Acpi-Parse', and 'Acpi-Parse_ext' led to memory not being freed properly. This issue arises particularly during early abort cases, potentially causing significant memory waste and system instability. The vulnerability relates to improper handling of object caches, leading to residual cache elements that can hinder performance and reliability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1e0e629e88b1f7751ce69bf70cda6d1598d45271

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 41afebc9a0762aafc35d2df88f4e1b798155a940

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 960236150cd3f08e13b397dd5ae4ccf7a2986c00

References

https://git.kernel.org/stable/c/1e0e629e88b1f7751ce69bf70...

https://git.kernel.org/stable/c/41afebc9a0762aafc35d2df88...

https://git.kernel.org/stable/c/960236150cd3f08e13b397dd5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2025
Vulnerability Reserved
Apr 16, 2025