Primary

Context

Linux Kernel PCI/DOE Memory Leak Vulnerability with DEBUG_OBJECTS Configuration

Vulnerability

Patched

A memory leak vulnerability has been identified in the Linux kernel's PCI/DOE implementation, specifically when the DEBUG_OBJECTS configuration is enabled. The issue arises because the work_struct associated with a completed pci_doe_task is not properly destroyed, leading to the memory leak.

Impact

Exploitation of this vulnerability causes a memory leak, which can lead to increased memory usage and potential exhaustion of system resources over time.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux kernel's official website.

Added: Dec 24, 2025, 1:18 PM

Updated: Dec 24, 2025, 1:18 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

7.7

relevance

1.7

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

7.7

relevance

1.7

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel PCI/DOE Memory Leak Vulnerability with DEBUG_OBJECTS Configuration

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating