CVE-2025-40165

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc4-next-20250704-06511-gff0e002d480a

Description The Linux kernel contains an issue within the nxp imx8-isi m2m subsystem. An imbalance in streamon/streamoff calls, such as exiting an application with Ctrl+C during streaming, can prevent the m2m usage count from reaching zero, leading to memory leaks and preventing the ISI channel from being freed. Additionally, if the input line width exceeds 2K, a warning is triggered. The issue is addressed by moving streaming preparation and cleanup to the vb2 .prepare streaming() and .unprepare streaming() operations.

Recommendations Update to a version later than 6.16.0-rc4-next-20250704-06511-gff0e002d480a.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399CWE-371

Related Identifiers

BDU:2025-16439

CVE-2025-40165

OPENSUSE-SU-2025:20172-1

SUSE-SU-2026:20012-1

SUSE-SU-2026:20015-1

SUSE-SU-2026:20021-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

Imx8-Isi

CVE-2025-40165

Weakness Enumeration

Related Identifiers

Affected Products

References · 1799