Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Memory Leak Vulnerability in mISDN USB Driver

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's mISDN USB driver, specifically within the hfcsusb_probe() function. The issue arises when the setup_instance() function fails, causing the memory allocated for the control URB (ctrl_urb) to be unreleased, which can lead to resource exhaustion. This vulnerability affects the stable versions of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to a memory leak, where allocated memory is not properly freed, potentially causing resource exhaustion over time.

Reproduction

The vulnerability can be reproduced by loading the mISDN USB driver and causing the setup_instance() function to fail. This failure will result in the ctrl_urb memory allocation not being freed, leading to a memory leak.

Remediation

The vulnerability has been fixed in the Linux kernel. Users can apply the latest patches available in the Linux kernel stable tree to address this issue.

Added: Dec 24, 2025, 11:18 AM
Updated: Dec 24, 2025, 11:18 AM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
4.3
remediation
7.7
relevance
1.5
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.