SB2025052185 - Memory leak in Linux kernel hw qib driver
Published: May 21, 2025 Updated: May 21, 2025
Security Bulletin ID
SB2025052185
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2025-37983)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qibfs_mknod() function in drivers/infiniband/hw/qib/qib_fs.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/24faa6ea274a2b96d0a78a0996c3137c2b2a65f0
- https://git.kernel.org/stable/c/3c2fde33e3e505dfd1a895d1f24bad650c655e14
- https://git.kernel.org/stable/c/47ab2caba495c1d6a899d284e541a8df656dcfe9
- https://git.kernel.org/stable/c/545defa656568c74590317cd30068f85134a8216
- https://git.kernel.org/stable/c/5d53e88d8370b9ab14dd830abb410d9a2671edb6
- https://git.kernel.org/stable/c/5e280cce3a29b7fe7b828c6ccd5aa5ba87ceb6b6
- https://git.kernel.org/stable/c/5fe708c5e3c8b2152c6caaa67243e431a5d6cca3
- https://git.kernel.org/stable/c/bdb43af4fdb39f844ede401bdb1258f67a580a27
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.237
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.181
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.293
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.136
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.26
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.5
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.89