Main Vulnerability Database SB2025072701

SB2025072701 - Memory leak in Linux kernel sof intel

Published: July 27, 2025

Security Bulletin ID SB2025072701

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Memory leak (CVE-ID: CVE-2025-38438)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_tplg_quirk_mask() and hda_machine_select() functions in sound/soc/sof/intel/hda.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/58ecf51af12cb32b890858b52b2c34e80590c74a
https://git.kernel.org/stable/c/68397fda2caa90e99a7c0bcb2cf604e42ef3b91f
https://git.kernel.org/stable/c/6c038b58a2dc5a008c7e7a1297f5aaa4deaaaa7e