Linux Kernel Comedi Subsystem Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's Comedi subsystem. It arises from improper handling of command references and is present in the Linux kernel stable tree, specifically in versions that include the problematic commit 4e1da516debb. The 'runflags' variable does not always indicate when the 'chanlist' memory should be reclaimed, so 'do_become_nonbusy()' fails to free 'chanlist' in those cases and the memory is leaked.
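
The flag-gated cleanup pattern described above, as an added userspace C model; it is not the kernel's code and not necessarily the change made in the fix commit. Only 'runflags' and 'chanlist' come from the advisory; RF_BUSY, struct subdev, start_cmd, the two nonbusy_* functions and leaked_after are hypothetical names.

```c
#include <stdlib.h>
/* Constructed userspace model, not kernel code; non-advisory names are hypothetical. */
#define RF_BUSY 0x1u
struct subdev { unsigned runflags; unsigned *chanlist; };

static int start_cmd(struct subdev *s, size_t n)
{
    s->chanlist = calloc(n, sizeof(*s->chanlist));
    if (!s->chanlist)
        return -1;
    s->runflags |= RF_BUSY;
    return 0;
}

/* Leaky form: a state flag decides whether chanlist is reclaimed. */
static void nonbusy_flag_gated(struct subdev *s)
{
    if (s->runflags & RF_BUSY) {
        free(s->chanlist);
        s->chanlist = NULL;
    }
    s->runflags = 0;
}

/* Safer form: the pointer itself records ownership; free(NULL) is a no-op. */
static void nonbusy_ptr_owned(struct subdev *s)
{
    free(s->chanlist);
    s->chanlist = NULL;
    s->runflags = 0;
}

/* Returns 1 if chanlist survives teardown (a leak), 0 if freed, -1 on OOM. */
int leaked_after(void (*teardown)(struct subdev *))
{
    struct subdev s = {0};
    if (start_cmd(&s, 16) != 0)
        return -1;
    s.runflags &= ~RF_BUSY; /* another path clears the flag first */
    teardown(&s);
    int leaked = s.chanlist != NULL;
    free(s.chanlist);       /* model cleanup so the demo itself is clean */
    return leaked;
}

int main(void)
{
    return !(leaked_after(nonbusy_flag_gated) == 1 && leaked_after(nonbusy_ptr_owned) == 0);
}
```

In the model the leak is visible because the pointer is still inspected after teardown; in a long-running system the same allocation would simply become unreachable once the pointer is overwritten by the next command.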

Impact

Exploitation of this vulnerability causes a memory leak, which can lead to increased memory usage and potential exhaustion of system resources over time.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree to address this vulnerability. The specific commit that resolves the issue is 29f644f14b89e6c4965e3c89251929e451190a66.

Added: May 1, 2026, 4:38 PM
Updated: May 1, 2026, 4:38 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 4.0
remediation: 7.7
relevance: 7.2
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.