Memory Leak in Intel HDA for Linux Kernel
CVE-2025-38438

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 July 2025

What is CVE-2025-38438?

A memory leak has been identified in the Intel HDA component of the Linux kernel, caused by improper usage of memory allocation functions. The issue arises when the system allocates memory for tplg_filename using kstrdup(), which can lead to unreferenced memory objects remaining allocated indefinitely. This behavior was detected through kmemleak, revealing that memory allocated can be overwritten without proper reference management. System administrators should ensure their Linux kernel environments are updated to the latest versions to mitigate the risk associated with this vulnerability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 68397fda2caa90e99a7c0bcb2cf604e42ef3b91f

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 58ecf51af12cb32b890858b52b2c34e80590c74a

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6c038b58a2dc5a008c7e7a1297f5aaa4deaaaa7e

References

https://git.kernel.org/stable/c/68397fda2caa90e99a7c0bcb2...
https://git.kernel.org/stable/c/58ecf51af12cb32b890858b52...
https://git.kernel.org/stable/c/6c038b58a2dc5a008c7e7a129...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38438 : Memory Leak in Intel HDA for Linux Kernel