PT-2025-33764 · Linux+5 · Linux Kernel+5

Published

2025-08-05

·

Updated

2026-05-26

·

CVE-2025-38565

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A reference count leak exists in the perf/core subsystem of the Linux kernel. Specifically, when perf mmap() fails to allocate a buffer, the event mapped() callback of the related event is still invoked, potentially increasing the perf rdpmc allowed reference counter. Because perf mmap close() is not called in this scenario, the reference count is not decremented, leading to a memory leak. The issue occurs when failing to allocate a buffer during the perf mmap() function call.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

CWE-911

Related Identifiers

AZL-66539
AZL-73803
BDU:2025-15802
CVE-2025-38565
DLA-4327-1
DLA-4328-1
ECHO-310F-482F-EB77
MGASA-2025-0234
MGASA-2025-0235
OESA-2025-2077
OESA-2025-2078
OESA-2025-2079
OESA-2025-2081
OESA-2025-2082
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03204-1
SUSE-SU-2025:03272-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03301-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20653-1
SUSE-SU-2025:20669-1
SUSE-SU-2025:20739-1
SUSE-SU-2025:20756-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_03204-1
SUSE-SU-2025_03272-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03301-1
SUSE-SU-2025_03382-1
SUSE-SU-2026:0474-1
SUSE-SU-2026:0475-1
SUSE-SU-2026:0495-1
SUSE-SU-2026:0496-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:1131-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7934-1
USN-7938-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu