Memory Leak in Linux Kernel Remote Procedure Handling
CVE-2025-38419

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 July 2025

What is CVE-2025-38419?

A vulnerability exists in the Linux kernel's remote procedure handling that may lead to a memory leak. Specifically, when the rproc_attach() function is called while the remote processor state is RPROC_DETACHED, a failure in rproc_handle_resources() does not trigger the release of resources allocated during rproc_attach(). This oversight can lead to unreferenced objects persisting in memory, ultimately causing a leak. The fix involves refining the control flow to ensure that the resource cleanup process is invoked correctly under failure conditions, preventing unnecessary resource occupation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 10a3d4079eaea06472f1981152e2840e7232ffa9

Linux 10a3d4079eaea06472f1981152e2840e7232ffa9 < 82208ce9505abb057afdece7c62a14687c52c9ca

Linux 10a3d4079eaea06472f1981152e2840e7232ffa9 < 9515d74c9d1ae7308a02e8bd4f894eb8137cf8df

References

https://git.kernel.org/stable/c/c56d6ef2711ee51b54f160ad0...
https://git.kernel.org/stable/c/82208ce9505abb057afdece7c...
https://git.kernel.org/stable/c/9515d74c9d1ae7308a02e8bd4...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.