CVE-2025-39679

medium

Description

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). When the nvif_vmm_type is invalid, we will return error directly without freeing the args in nvif_vmm_ctor(), which leading a memory leak. Fix it by setting the ret -EINVAL and goto done.

References

https://git.kernel.org/stable/c/cabcb52d76d3d42f16c344a96e098dd9d18602f8

https://git.kernel.org/stable/c/bb8aeaa3191b617c6faf8ae937252e059673b7ea

https://git.kernel.org/stable/c/7d9110e3b35d08832661da1a1fc2d24455981a04

https://git.kernel.org/stable/c/72553fe19317fe93cb8591c83095c446bc7fe292

Details

Source: Mitre, NVD

Published: 2025-09-05

Updated: 2025-09-08

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018