Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Memory Leak Vulnerability in net/mlx5 Component

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's net/mlx5 component, specifically within the HWS (Hardware Steering) actions handling. When an invalid stc_type is provided, the function hws_action_get_shared_stc_nic allocates memory for shared_stc but fails to release it before exiting, leading to a memory leak. This issue has been addressed by modifying the error handling flow to ensure proper memory cleanup.

Impact

Exploitation of this vulnerability leads to a memory leak, which can cause increased memory usage and potentially degrade system performance over time.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.

Added: Sep 16, 2025, 2:55 PM
Updated: Sep 16, 2025, 2:55 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
5.3
remediation
7.7
relevance
0.5
threat
3.2
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.