Unrated severityNVD Advisory· Published Oct 20, 2025· Updated Apr 15, 2026
CVE-2025-40017
CVE-2025-40017
Description
In the Linux kernel, the following vulnerability has been resolved:
media: iris: Fix memory leak by freeing untracked persist buffer
One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of internal buffer list which resulted in a memory leak.
Add the necessary logic to explicitly free the untracked internal buffer during session close to ensure all allocated memory is released properly.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords3 versionspkg:linux/kernelpkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed
>= 6.15.0, < 6.16.11+ 2 more
- (no CPE)range: >= 6.15.0, < 6.16.11
- (no CPE)range: < 6.17.5-1.1
- (no CPE)range: < 6.18.16-1.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.