Linux Kernel RDMA/erdma Reference Count Leak Vulnerability

Vulnerability

A reference count leak has been identified in the Linux kernel's RDMA/erdma component. In the 'erdma_mmap' function, 'rdma_user_mmap_entry_get()' is called to take a reference, but that reference is not released on the error handling path. The fix adds the missing 'rdma_user_mmap_entry_put()' call to that path. This vulnerability affects the Linux kernel stable tree.
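The get/put imbalance described above, as an added userspace model (not the kernel's erdma code): 'entry_get' and 'entry_put' stand in for 'rdma_user_mmap_entry_get()' and 'rdma_user_mmap_entry_put()'. The struct, the function names and the size-mismatch failure condition are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace stand-in for a refcounted mmap entry (hypothetical type). */
struct entry { int refs; size_t size; };

/* Take a reference, in the role of rdma_user_mmap_entry_get(). */
static struct entry *entry_get(struct entry *e) { e->refs++; return e; }

/* Drop a reference, in the role of rdma_user_mmap_entry_put(). */
static void entry_put(struct entry *e) { e->refs--; }

/* Leaky shape: the error return skips entry_put(). */
static int mmap_leaky(struct entry *slot, size_t req)
{
    struct entry *e = entry_get(slot);
    if (req != e->size)   /* constructed failure condition (assumption) */
        return -EINVAL;   /* reference is still held here */
    entry_put(e);
    return 0;
}

/* Fixed shape: every exit after entry_get() passes through entry_put(). */
static int mmap_fixed(struct entry *slot, size_t req)
{
    struct entry *e = entry_get(slot);
    int err = 0;
    if (req != e->size)   /* same constructed failure condition */
        err = -EINVAL;
    entry_put(e);
    return err;
}

/* Reference count left on an entry after n failing calls to handler. */
static int refs_after_failures(int (*handler)(struct entry *, size_t), int n)
{
    struct entry e = { .refs = 1, .size = 4096 };
    for (int i = 0; i < n; i++)
        handler(&e, 8192);   /* wrong size, so every call fails */
    return e.refs;
}

int main(void)
{
    printf("leaky: %d refs\n", refs_after_failures(mmap_leaky, 3));
    printf("fixed: %d refs\n", refs_after_failures(mmap_fixed, 3));
    return 0;
}
```

In the leaky handler each failed call leaves the count one higher than before, so it never returns to its baseline; the fixed handler leaves it unchanged on both the success and the error path.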

Impact

Exploitation of this vulnerability can lead to a reference count leak, which may cause memory management issues such as use-after-free vulnerabilities or memory corruption.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree to address this vulnerability.

Added: Dec 30, 2025, 4:52 PM
Updated: Dec 30, 2025, 4:52 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 7.7
relevance: 1.8
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.