Memory Leak Vulnerability in Linux Kernel Affecting Spinand ECC Engine Configuration
CVE-2025-38384

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 July 2025

What is CVE-2025-38384?

A memory leak vulnerability in the Linux Kernel affects the ECC engine configuration during the cleanup process of Spinand. Specifically, memory allocated for the ECC engine configuration is not properly released, leading to potential resource exhaustion. This flaw can be observed through kmemleak traces indicating unreferenced memory objects. The issue arises when the spinand_cleanup() function fails to call nanddev_ecc_engine_cleanup(), resulting in the persistent memory allocation. Properly addressing this leak is crucial to maintain the stability and efficiency of systems relying on the Linux Kernel.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 3d1f08b032dc4e168f3aefed1e07a63c3c080325 < 68d3417305ee100dcad90fd6e5846b22497aa394

Linux 3d1f08b032dc4e168f3aefed1e07a63c3c080325

Linux 3d1f08b032dc4e168f3aefed1e07a63c3c080325

References

https://git.kernel.org/stable/c/68d3417305ee100dcad90fd6e...
https://git.kernel.org/stable/c/f99408670407abb6493780e38...
https://git.kernel.org/stable/c/d5c1e3f32902ab518519d0551...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.