SB2025121001 - Memory leak in Linux kernel futex
Published: December 10, 2025
Security Bulletin ID
SB2025121001
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2025-40341)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the SYSCALL_DEFINE2(), SYSCALL_DEFINE3() and COMPAT_SYSCALL_DEFINE3() functions in kernel/futex/syscalls.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3b4222494489f6d4b8705a496dab03384b7ca998
- https://git.kernel.org/stable/c/4aced32596ead1820b7dbd8e40d30b30dc1f3ad4
- https://git.kernel.org/stable/c/6511984d1aa1360181bcafb1ca75df7f291ef237
- https://git.kernel.org/stable/c/6b54082c3ed4dc9821cdf0edb17302355cc5bb45
- https://git.kernel.org/stable/c/b524455a51feb6013df3a5dba3160487b2e8e22a