CVE-2025-40017

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak existed in the Linux kernel's media subsystem, specifically within the iris driver. An internal buffer allocated once per session was not being freed during session closure because it wasn't tracked in the internal buffer list. This resulted in allocated memory not being released. The issue was addressed by adding logic to explicitly free the untracked internal buffer during session close, ensuring proper memory release.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.