Primary

Context

Linux Kernel Memory Leak Vulnerability in IOSM WWAN Driver

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's IOSM WWAN driver. The driver registers a network device without indicating that it needs to be freed, leading to a memory leak when the device is unregistered. The issue arises because the driver fails to set the 'needs_free_netdev' flag and does not call 'free_netdev()' upon unregistering the network device. This vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, causing increased memory usage that is not released back to the system.

Remediation

The vulnerability has been addressed by modifying the driver to set the 'needs_free_netdev' flag to true when registering the network device. This change ensures that the network device is properly freed after it is unregistered.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Memory Leak Vulnerability in IOSM WWAN Driver

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating