CVE-2025-39830
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-39830
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39830.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-39830
- Downstream
- Related
- Published
- 2025-09-16T13:08:48Z
- Modified
- 2025-10-18T06:05:22.886165Z
- Summary
- net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: HWS, Fix memory leak in hwspoolbuddy_init error path
In the error path of hwspoolbuddy_init(), the buddy allocator cleanup doesn't free the allocator structure itself, causing a memory leak.
Add the missing kfree() to properly release all allocated memory.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc61afff94373641695cc81999e9bb10408ea84d5Fixed86d13a6f49cb68aa91bd718b1b627e72e77285c1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc61afff94373641695cc81999e9bb10408ea84d5Fixed2c0a959bebdc1ada13cf9a8242f177c5400299e6
Affected versions
v6.*
v6.11
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.16.1
v6.16.2
v6.16.3
v6.16.4
v6.17-rc1
v6.17-rc2
Database specific
vanir_signatures
[
{
"target": {
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/hws/pool.c"
},
"id": "CVE-2025-39830-225f12cf",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@86d13a6f49cb68aa91bd718b1b627e72e77285c1",
"digest": {
"line_hashes": [
"193835221365387561082101449102458890678",
"217602036612769063613533697881496409132",
"285128138314035135803762110127975678793",
"335842555425992488845087538173617268753"
],
"threshold": 0.9
}
},
{
"target": {
"function": "hws_pool_buddy_init",
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/hws/pool.c"
},
"id": "CVE-2025-39830-5589bc99",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2c0a959bebdc1ada13cf9a8242f177c5400299e6",
"digest": {
"function_hash": "173805097038891940801497545644052290365",
"length": 454.0
}
},
{
"target": {
"function": "hws_pool_buddy_init",
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/hws/pool.c"
},
"id": "CVE-2025-39830-56fb54c2",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@86d13a6f49cb68aa91bd718b1b627e72e77285c1",
"digest": {
"function_hash": "173805097038891940801497545644052290365",
"length": 454.0
}
},
{
"target": {
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/hws/pool.c"
},
"id": "CVE-2025-39830-fc6a43c2",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2c0a959bebdc1ada13cf9a8242f177c5400299e6",
"digest": {
"line_hashes": [
"193835221365387561082101449102458890678",
"217602036612769063613533697881496409132",
"285128138314035135803762110127975678793",
"335842555425992488845087538173617268753"
],
"threshold": 0.9
}
}
]