Linux Kernel Hyper-V DRM Device Address Space Leak Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of Hyper-V DRM devices can lead to an address space leak. When a Hyper-V DRM device is probed, the driver allocates memory-mapped I/O (MMIO) space for the video RAM and maps it as cacheable. However, if the device is removed or if an error occurs during probing, the MMIO space is released without being unmapped first. This oversight causes a leak of the kernel address space associated with the mapping. The vulnerability has been addressed by adding unmapping calls in both the device removal process and the error handling path during device probing.

Impact

The vulnerability causes a kernel address space leak, which could potentially be exploited to access sensitive information or manipulate kernel memory.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Hyper-V DRM Device Address Space Leak Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating