SB2025070413 - Memory leak in Linux kernel netlabel
Published: July 4, 2025
Security Bulletin ID
SB2025070413
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2025-38147)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the netlbl_conn_setattr() function in net/netlabel/netlabel_kapi.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0c813dbc851dbf418fdc6dc883fd0592d6c555cd
- https://git.kernel.org/stable/c/26ce90f1ce60b0ff587de8d6aec399aa55cab28e
- https://git.kernel.org/stable/c/6e9f2df1c550ead7cecb3e450af1105735020c92
- https://git.kernel.org/stable/c/946bfdfcb76ac2bac5b8526447035885ff41c598
- https://git.kernel.org/stable/c/c32ebe33626335a536dbbdd09571c06dd9bc1729
- https://git.kernel.org/stable/c/dd8928897594931d6912ef2f7a43e110b4958d3d
- https://git.kernel.org/stable/c/e2ec310c7a50271843c585e27ef14e48c66ce649
- https://git.kernel.org/stable/c/fc2da88411470480b8b7e9177e930cedd893cf56