SB2025082027 - Memory leak in Linux kernel misc vmw_vmci driver
Published: August 20, 2025
Security Bulletin ID
SB2025082027
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2025-38611)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ctx_fire_notification() function in drivers/misc/vmw_vmci/vmci_context.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/6696a46f4ebdc7314ff23a2fb0e93a95da2c45ee
- https://git.kernel.org/stable/c/7624fe66a0832eb6fe4e465fcdd4f9104fb9b339
- https://git.kernel.org/stable/c/87f8f8654e55cf9327cc63746595085a041699dc
- https://git.kernel.org/stable/c/94112b0d443e0b6b5bb17854f97c1498064cc9ed
- https://git.kernel.org/stable/c/bfb4cf9fb97e4063f0aa62e9e398025fb6625031
- https://git.kernel.org/stable/c/bfd6b211fe8aae79acbedd19e8d5bea5d062a41b