CVE-2025-38549

MEDIUM EPSS 3.2%
Published Aug 16, 202510mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 16, 2025 10mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths When processing mount options, efivarfs allocates efivarfs_fs_info (sfi) early in fs_context initialization. However, sfi is associated with the superblock and typically freed when the superblock is destroyed. If the fs_context is released (final put) before fill_super is called—such as on error paths or during reconfiguration—the sfi structure would leak, as ownership never transfers to the superblock. Implement the .free callback in efivarfs_context_ops to ensure any allocated sfi is properly freed if the fs_context is torn down before fill_super, preventing this memory leak.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥6.7  –  <6.12.40
linuxlinux_kernel*≥6.13  –  <6.15.8
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any
linuxlinux_kernel6.16any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/64e135f1eaba0bbb0cdee859af3328c68d5b9789
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/816d36973467d1c9c08a48bdffe4675e219a2e84
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9fabe7036bb8be6071f39dc38605508f5f57b20
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/64e135f1eaba0bbb0cdee859af3328c68d5b9789
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/816d36973467d1c9c08a48bdffe4675e219a2e84
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9fabe7036bb8be6071f39dc38605508f5f57b20
    Patch