CVE-2025-39834

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow

When an invalid stc_type is provided, the function allocates memory for
shared_stc but jumps to unlock_and_out without freeing it, causing a
memory leak.

Fix by jumping to free_shared_stc label instead to ensure proper cleanup.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bookworm
6.1.148-1
not-affected
bullseye (security)
5.10.237-1
fixed
bookworm (security)
6.1.147-1
fixed
trixie
vulnerable
trixie (security)
vulnerable
forky
vulnerable
sid
6.16.7-1
fixed
References
https://git.kernel.org/stable/c/051fd8576a2e4e95d5870c5c9f8679c5b16882e4
https://git.kernel.org/stable/c/a630f83592cdad1253523a1b760cfe78fef6cd9c