Vulnerability Database

296,223

Total vulnerabilities in the database

CVE-2025-21770

In the Linux kernel, the following vulnerability has been resolved:

iommu: Fix potential memory leak in iopf_queue_remove_device()

The iopf_queue_remove_device() helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstanding iopf's with an IOMMU_PAGE_RESP_INVALID code and detaches the device from the queue.

However, it fails to release the group structure that represents a group of iopf's awaiting for a response after responding to the hardware. This can cause a memory leak if iopf_queue_remove_device() is called with pending iopf's.

Fix it by calling iopf_free_group() after the iopf group is responded.

  • Published: Feb 27, 2025
  • Updated: May 4, 2025
  • CVE: CVE-2025-21770
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
linux / linux_kernel 6.14-rc1 6.14-rc1.x
linux / linux_kernel 6.13 6.13.4
linux / linux_kernel 6.14-rc2 6.14-rc2.x
linux / linux_kernel 6.9 6.12.16