Memory Leak in Linux Kernel Affects ARM Firmware Notifier Callbacks
CVE-2025-38390

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38390?

A memory leak exists in the Linux kernel's ARM firmware subsystem due to improper management of notifier callback nodes. During the registration of notifiers, a callback node is added to a hashtable, but when the notifier is unregistered, the associated memory for the callback node is not freed. This oversight could lead to increased memory consumption over time, ultimately affecting system performance. The issue has been addressed in a patch that ensures proper deallocation of the memory associated with the callback node upon unregistration.

Affected Version(s)

Linux e0573444edbf4ee7e3c191d3d08a4ccbd26628be < 076fa20b4f5737c34921dbb152f9efceaee571b2

Linux e0573444edbf4ee7e3c191d3d08a4ccbd26628be < 938827c440564b2cf2f9b804d1fe81ce8267eded

Linux e0573444edbf4ee7e3c191d3d08a4ccbd26628be

References

https://git.kernel.org/stable/c/076fa20b4f5737c34921dbb15...

https://git.kernel.org/stable/c/938827c440564b2cf2f9b804d...

https://git.kernel.org/stable/c/a833d31ad867103ba72a0b73f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025