Primary

Context

Linux Kernel LoongArch KVM Memory Leak Vulnerability in kvm_ipi_destroy Function

Vulnerability

Patched

A memory leak vulnerability has been identified in the Linux kernel's KVM implementation for the LoongArch architecture. The issue arises in the kvm_ipi_destroy() function, which fails to free the kvm_device struct allocated in kvm_ioctl_create_device(). This oversight leads to a memory leak, as the allocated memory is not properly released.

Impact

The vulnerability causes a memory leak, where allocated memory is not freed, potentially leading to increased memory usage and exhaustion over time.

Remediation

Users can apply the patch available in the Linux kernel stable tree to address this vulnerability. The patch can be downloaded as part of the Linux source code snapshot corresponding to the commit ID 0bf58cb7288a4d3de6d8ecbb3a65928a9362bf21.

Added: Jan 31, 2026, 12:25 PM

Updated: Jan 31, 2026, 12:25 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

7.7

relevance

2.5

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

7.7

relevance

2.5

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel LoongArch KVM Memory Leak Vulnerability in kvm_ipi_destroy Function

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating