fkie_cve-2025-38390
Vulnerability from fkie_nvd
Published
2025-07-25 13:15
Modified
2025-07-25 15:29
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_ffa: Fix memory leak by freeing notifier callback node
Commit e0573444edbf ("firmware: arm_ffa: Add interfaces to request
notification callbacks") adds support for notifier callbacks by allocating
and inserting a callback node into a hashtable during registration of
notifiers. However, during unregistration, the code only removes the
node from the hashtable without freeing the associated memory, resulting
in a memory leak.
Resolve the memory leak issue by ensuring the allocated notifier callback
node is properly freed after it is removed from the hashtable entry.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Fix memory leak by freeing notifier callback node\n\nCommit e0573444edbf (\"firmware: arm_ffa: Add interfaces to request\nnotification callbacks\") adds support for notifier callbacks by allocating\nand inserting a callback node into a hashtable during registration of\nnotifiers. However, during unregistration, the code only removes the\nnode from the hashtable without freeing the associated memory, resulting\nin a memory leak.\n\nResolve the memory leak issue by ensuring the allocated notifier callback\nnode is properly freed after it is removed from the hashtable entry."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_ffa: Corregir fuga de memoria liberando el nodo de devoluci\u00f3n de llamada del notificador. El commit e0573444edbf (\"firmware: arm_ffa: A\u00f1adir interfaces para solicitar devoluciones de llamada de notificaci\u00f3n\") a\u00f1ade compatibilidad con devoluciones de llamada de notificador mediante la asignaci\u00f3n e inserci\u00f3n de un nodo de devoluci\u00f3n de llamada en una tabla hash durante el registro de notificadores. Sin embargo, al anular el registro, el c\u00f3digo solo elimina el nodo de la tabla hash sin liberar la memoria asociada, lo que provoca una fuga de memoria. Para resolver el problema de fuga de memoria, aseg\u00farese de que el nodo de devoluci\u00f3n de llamada del notificador asignado se libere correctamente tras eliminarlo de la entrada de la tabla hash."
}
],
"id": "CVE-2025-38390",
"lastModified": "2025-07-25T15:29:19.837",
"metrics": {},
"published": "2025-07-25T13:15:28.373",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/076fa20b4f5737c34921dbb152f9efceaee571b2"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/938827c440564b2cf2f9b804d1fe81ce8267eded"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/a833d31ad867103ba72a0b73f3606f4ab8601719"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…