Resource Leak in Linux Kernel's NVM Express Fiber Channel
CVE-2025-40171

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
12 November 2025

What is CVE-2025-40171?

A resource leak exists in the Linux kernel's NVM Express Fiber Channel driver where multiple asynchronous commands can be active simultaneously. This design flaw leads to a situation where a reference to a target port is obtained for each command, but only one put work item is queued, resulting in leaked references. To address this issue, the solution involves repositioning the work item within the nvmet_fc_ls_req_op structure, which is responsible for tracking all resources related to each command. Ensuring proper resource management is crucial for maintaining system performance and reliability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 5e0bc09a52b6169ce90f7ac6e195791adb16cec4 < 11269c08013f4ee8b8f5edc6c56700acb34092d0

Linux 9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8

Linux eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30 < 060ecc81240ef9d60d9485a3a5eb55a0d6e7a25c

References

https://git.kernel.org/stable/c/11269c08013f4ee8b8f5edc6c...
https://git.kernel.org/stable/c/a28112cc55013cd8cbd5d36b5...
https://git.kernel.org/stable/c/060ecc81240ef9d60d9485a3a...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.