Main Vulnerability Database SB2025072791

SB2025072791 - Resource management error in Linux kernel dma idxd driver

Published: July 27, 2025

Security Bulletin ID SB2025072791

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2025-38369)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the idxd_cdev_evl_drain_pasid() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/17502e7d7b7113346296f6758324798d536c31fd
https://git.kernel.org/stable/c/98fd66c8ba77e3a7137575f610271014bc0e701f
https://git.kernel.org/stable/c/aee7a7439f8c0884da87694a401930204a57128f
https://git.kernel.org/stable/c/e0051a3daa8b2cb318b03b2f9317c3e40855847a