CVE-2025-38444
published 2025-07-25CVE-2025-38444: In the Linux kernel, the following vulnerability has been resolved: raid10: cleanup memleak at raid10_make_request If raid10_read_request or…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
raid10: cleanup memleak at raid10_make_request
If raid10_read_request or raid10_write_request registers a new
request and the REQ_NOWAIT flag is set, the code does not
free the malloc from the mempool.
unreferenced object 0xffff8884802c3200 (size 192):
comm "fio", pid 9197, jiffies 4298078271
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......
08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace (crc c1a049a2):
__kmalloc+0x2bb/0x450
mempool_alloc+0x11b/0x320
raid10_make_request+0x19e/0x650 [raid10]
md_handle_request+0x3b3/0x9e0
__submit_bio+0x394/0x560
__submit_bio_noacct+0x145/0x530
submit_bio_noacct_nocheck+0x682/0x830
__blkdev_direct_IO_async+0x4dc/0x6b0
blkdev_read_iter+0x1e5/0x3b0
__io_read+0x230/0x1110
io_read+0x13/0x30
io_issue_sqe+0x134/0x1180
io_submit_sqes+0x48c/0xe90
__do_sys_io_uring_enter+0x574/0x8b0
do_syscall_64+0x5c/0xe0
entry_SYSCALL_64_after_hwframe+0x76/0x7e
V4: changing backing tree to see if CKI tests will pass.
The patch code has not changed between any versions.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 39db562b3fedb93978a7e42dd216b306740959f8 < 10c6021a609deb95f23f0cc2f89aa9d4bffb14c7 | 10c6021a609deb95f23f0cc2f89aa9d4bffb14c7 |
| linux | linux | >= 5.15.111 < 5.15.189 | 5.15.189 |
| linux | linux | >= c9aa889b035fca4598ae985a0f0c76ebbb547ad2 < 9af149ca9d0dab6e59e813519d309eff62499864 | 9af149ca9d0dab6e59e813519d309eff62499864 |
| linux | linux | >= c9aa889b035fca4598ae985a0f0c76ebbb547ad2 < 8fc3d7b23d139e3cbc944c15d99b3cdbed797d2d | 8fc3d7b23d139e3cbc944c15d99b3cdbed797d2d |
| linux | linux | >= c9aa889b035fca4598ae985a0f0c76ebbb547ad2 < 2941155d9a5ae098b480d551f3a5f8605d4f9af5 | 2941155d9a5ae098b480d551f3a5f8605d4f9af5 |
| linux | linux | >= c9aa889b035fca4598ae985a0f0c76ebbb547ad2 < ed7bcd9f617e4107ac0813c516e72e6b8f6029bd | ed7bcd9f617e4107ac0813c516e72e6b8f6029bd |
| linux | linux | >= c9aa889b035fca4598ae985a0f0c76ebbb547ad2 < 43806c3d5b9bb7d74ba4e33a6a8a41ac988bde24 | 43806c3d5b9bb7d74ba4e33a6a8a41ac988bde24 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.41-1 | 6.12.41-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 5.15.0-156.166 | 5.15.0-156.166 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 5.15.111 < 5.15.189 | 5.15.189 |
| linux | linux_kernel | >= 5.17 < 6.1.146 | 6.1.146 |
| linux | linux_kernel | >= 6.13 < 6.15.7 | 6.15.7 |
| linux | linux_kernel | >= 6.2 < 6.6.99 | 6.6.99 |
| linux | linux_kernel | >= 6.7 < 6.12.39 | 6.12.39 |
| msrc | azl3_kernel_6.6.96.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.96.2-2_on_azure_linux_3.0 | — | — |
| msrc | cbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM