Description

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio->bi_integrity. Since commit bf4c89fc8797 ("block: don't call bio_uninit from bio_endio") each user of bio_init has to use bio_uninit as well. Otherwise the bio integrity is not getting free. Nvmet uses bio_init for inline bios. Uninit the inline bio to complete deallocation of integrity in bio.

INFO

Published Date :

2025-07-25T13:12:07.926Z

Last Modified :

2025-07-28T04:21:15.215Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38405 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38405.

URL Resource
https://git.kernel.org/stable/c/190f4c2c863af7cc5bb354b70e0805f06419c038 cve-icon cve-icon
https://git.kernel.org/stable/c/2e2028fcf924d1c6df017033c8d6e28b735a0508 cve-icon cve-icon
https://git.kernel.org/stable/c/431e58d56fcb5ff1f9eb630724a922e0d2a941df cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38405-014e@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38405 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38405 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact