Memory Leak Vulnerability in Linux Kernel's MLX5 Network Driver
CVE-2025-39834

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-39834?

A memory leak vulnerability exists in the Linux kernel's MLX5 network driver, specifically in the function handling shares for the STC NIC. When an invalid 'stc_type' is received, memory is allocated for the shared STC but is not released if the execution jumps to the 'unlock_and_out' pathway. This oversight can lead to significant memory consumption and degrade system performance over time, as allocated resources remain unfreed. The issue has been identified and resolved by modifying the error handling path to ensure proper memory cleanup.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 504e536d90104c850731840d3fbc95acf251f11b < 051fd8576a2e4e95d5870c5c9f8679c5b16882e4

Linux 504e536d90104c850731840d3fbc95acf251f11b

Linux 6.12

References

https://git.kernel.org/stable/c/051fd8576a2e4e95d5870c5c9...

https://git.kernel.org/stable/c/a630f83592cdad1253523a1b7...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Linux

What is CVE-2025-39834?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.