Primary

Context

Linux Kernel Aspeed SoC Information Driver Memory Leak Vulnerability

Vulnerability

Patched

A memory leak vulnerability has been identified in the Linux kernel's Aspeed SoC information driver. The issue arises because the error handling process does not properly free allocated memory, specifically for certain string attributes. This vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by loading the Aspeed SoC information driver, which allocates memory for various attributes. If the driver encounters an error during initialization, it fails to free all allocated memory, particularly the machine attribute, leading to a memory leak.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Oct 7, 2025, 6:03 PM

Updated: Oct 7, 2025, 6:03 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.7

remediation

7.7

relevance

0.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.7

remediation

7.7

relevance

0.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Aspeed SoC Information Driver Memory Leak Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating