Memory Leak Vulnerability in Linux Kernel Affecting Network Drivers
CVE-2025-39830

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-39830?

A memory leak has been identified in the Linux kernel related to the error handling process of the hws_pool_buddy_init(). This issue arises when the buddy allocator's cleanup procedure fails to free the memory allocated for the allocator structure itself. To address the problem, a missing kfree() function has been implemented to ensure that all allocated memory is properly released, preventing potential system resource exhaustion and enhancing overall system stability.

Affected Version(s)

Linux c61afff94373641695cc81999e9bb10408ea84d5 < 86d13a6f49cb68aa91bd718b1b627e72e77285c1

Linux c61afff94373641695cc81999e9bb10408ea84d5 < 2c0a959bebdc1ada13cf9a8242f177c5400299e6

Linux 6.12

References

https://git.kernel.org/stable/c/86d13a6f49cb68aa91bd718b1...

https://git.kernel.org/stable/c/2c0a959bebdc1ada13cf9a824...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Apr 16, 2025