Linux Kernel ALSA HDA Memory Leak Vulnerability in Widget Node Management

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's Advanced Linux Sound Architecture (ALSA) HD Audio (HDA) subsystem. The issue arises in the 'add_widget_node' function, where the 'kobject_add' call can allocate memory for the 'kobject->name' if an error occurs. If 'kobject_add' fails, the allocated memory is not freed, leading to a potential memory leak. The vulnerability has been addressed by ensuring that resources are properly recycled when 'kobject_add' fails.

Impact

Exploitation of this vulnerability could lead to a memory leak, causing increased memory usage and potentially degrading system performance over time.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ALSA HDA Memory Leak Vulnerability in Widget Node Management

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating