CVE-2025-38565

HIGH EPSS 6.5%
Published Aug 19, 202510mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Aug 19, 2025 10mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed reference counter. But nothing undoes this as perf_mmap_close() is never called in this case, which causes another reference count leak. Return early on failure to prevent that.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
6.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥4.0  –  <5.4.297
linuxlinux_kernel*≥5.5  –  <5.10.241
linuxlinux_kernel*≥5.11  –  <5.15.190
linuxlinux_kernel*≥5.16  –  <6.1.148
linuxlinux_kernel*≥6.2  –  <6.6.102
linuxlinux_kernel*≥6.7  –  <6.12.42
linuxlinux_kernel*≥6.13  –  <6.15.10
linuxlinux_kernel*≥6.16  –  <6.16.1
debiandebian_linux11.0any

References 11

  • git.kernel.org https://git.kernel.org/stable/c/07091aade394f690e7b655578140ef84d0e8d7b0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/163b0d1a209fe0df5476c1df2330ca12b55abf92
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/27d44145bd576bbef9bf6165bcd78128ec3e6cbd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5ffda7f3ed76ec8defc19d985e33b3b82ba07839
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ff8521f30c4c2fcd4e88bd7640486602bf8a650
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/92043120a2e992800580855498ab8507e1b22db9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9b90a48c7de828a15c7a4fc565d46999c6e22d6b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/de85e72598d89880a02170a1cbc27b35a7d978a9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f41e9eba77bf97626e04296dc5677d02816d2432
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Mailing ListThird Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Mailing ListThird Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/07091aade394f690e7b655578140ef84d0e8d7b0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/163b0d1a209fe0df5476c1df2330ca12b55abf92
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/27d44145bd576bbef9bf6165bcd78128ec3e6cbd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5ffda7f3ed76ec8defc19d985e33b3b82ba07839
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ff8521f30c4c2fcd4e88bd7640486602bf8a650
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/92043120a2e992800580855498ab8507e1b22db9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9b90a48c7de828a15c7a4fc565d46999c6e22d6b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/de85e72598d89880a02170a1cbc27b35a7d978a9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f41e9eba77bf97626e04296dc5677d02816d2432
    Patch