SB20250916104 - Memory leak in Linux kernel mm
Published: September 16, 2025
Security Bulletin ID
SB20250916104
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2025-39736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mem_pool_alloc() function in mm/kmemleak.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/08f70be5e406ce47c822f2dd11c1170ca259605b
- https://git.kernel.org/stable/c/1da95d3d4b7b1d380ebd87b71a61e7e6aed3265d
- https://git.kernel.org/stable/c/47b0f6d8f0d2be4d311a49e13d2fd5f152f492b2
- https://git.kernel.org/stable/c/4b0151e1d468eb2667c37b7af99b3c075072d334
- https://git.kernel.org/stable/c/62879faa8efe8d8a9c7bf7606ee9c068012d7dac
- https://git.kernel.org/stable/c/a0854de00ce2ee27edf39037e7836ad580eb3350
- https://git.kernel.org/stable/c/a181b228b37a6a5625dad2bb4265bb7abb673e9f
- https://git.kernel.org/stable/c/c7b6ea0ede687e7460e593c5ea478f50aa41682a
- https://git.kernel.org/stable/c/f249d32bb54876b4b6c3ae071af8ddca77af390b