CVE-2025-38228

Published: Jul 4, 2025Modified: Nov 18, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: media: imagination: fix a potential memory leak in e5010_probe() Add video_device_release() to release the memory allocated by video_device_alloc() if something goes wrong.

Affected (2)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.11 to 6.12.35
Linux Linux Kernel	From 6.13 to 6.15.4

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (3)

https://git.kernel.org/stable/c/2a2bd7df402decbdefd0acb64ba4e17a0a2a4117

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/609ba05b9484856b08869f827a6edee51d51b5f3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fac3b9a91fa099d9bad29648127c0328d6c478c3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.