Linux Kernel Coresight Memory Leak Vulnerability in Device Registration

Vulnerability

A memory leak vulnerability has been addressed in the Linux kernel's coresight component. The issue arose during the device registration process, where the 'device_initialize()' function was called without properly releasing the device reference in case of a registration failure. To mitigate this memory leak, the 'put_device()' function should be used for error handling instead of directly freeing the device.

Impact

Exploitation of this vulnerability could lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Coresight Memory Leak Vulnerability in Device Registration

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating