Vulnerability Lookup

🛡️ CVE-2025-38565

🟠 CVSS 7.8 — High ✅ No Known Exploit NVD

7.8

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed reference counter. But nothing undoes this as perf_mmap_close() is never called in this case, which causes another reference count leak. Return early on failure to prevent that.

Details

Severity HIGH

CVSS Score 7.8

CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE N/A

Public Exploit ✅ No

Source NVD

Published 2025-08-19

Updated 2026-06-02

Modified 2026-01-08

Fix URL https://git.kernel.org/stable/c/07091aade394f690e7b655578140ef84d0e8d7b0

Affected Packages

Software	From version	Fixed in
debian-linux	—	—
linux-kernel	6.16	6.16.1

References

Patch https://git.kernel.org/stable/c/07091aade394f690e7b655578140ef84d0e8d7b0

Patch https://git.kernel.org/stable/c/163b0d1a209fe0df5476c1df2330ca12b55abf92

Patch https://git.kernel.org/stable/c/27d44145bd576bbef9bf6165bcd78128ec3e6cbd

Patch https://git.kernel.org/stable/c/5ffda7f3ed76ec8defc19d985e33b3b82ba07839

Patch https://git.kernel.org/stable/c/7ff8521f30c4c2fcd4e88bd7640486602bf8a650

Patch https://git.kernel.org/stable/c/92043120a2e992800580855498ab8507e1b22db9

Patch https://git.kernel.org/stable/c/9b90a48c7de828a15c7a4fc565d46999c6e22d6b

Patch https://git.kernel.org/stable/c/de85e72598d89880a02170a1cbc27b35a7d978a9

Patch https://git.kernel.org/stable/c/f41e9eba77bf97626e04296dc5677d02816d2432

Mailing List, Third Party Advisory https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Mailing List, Third Party Advisory https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

🔗 NVD 🔗 Mitre ✅ Fix / Advisory

Similar Threats

Vulnerability Monitoring

Stay informed about vulnerabilities in your stack

BotEraser monitors your WordPress installation and notifies you when software you use appears in our vulnerability database.

Set Up Free Alerts →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Stay informed about vulnerabilities in your stack

Company

Resources

Services

Trusted

Subscribe