CVE-2025-37836

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37836
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37836.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37836
Downstream
Related
Published
2025-05-09T07:16:04Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: Fix reference leak in pciregisterhost_bridge()

If deviceregister() fails, call putdevice() to give up the reference to avoid a memory leak, per the comment at device_register().

Found by code review.

[bhelgaas: squash Dan Carpenter's double free fix from https://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]

References

Affected packages