{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-37764", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.938Z", "datePublished": "2025-05-01T13:07:05.694Z", "dateUpdated": "2025-05-26T05:20:22.513Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-26T05:20:22.513Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: fix firmware memory leaks\n\nFree the memory used to hold the results of firmware image processing\nwhen the module is unloaded.\n\nFix the related issue of the same memory being leaked if processing\nof the firmware image fails during module load.\n\nEnsure all firmware GEM objects are destroyed if firmware image\nprocessing fails.\n\nFixes memory leaks on powervr module unload detected by Kmemleak:\n\nunreferenced object 0xffff000042e20000 (size 94208):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 02 ae 7f ed bf 45 84 00 3c 5b 1f ed 9f 45 45 05 .....E..<[...EE.\n d5 4f 5d 14 6c 00 3d 23 30 d0 3a 4a 66 0e 48 c8 .O].l.=#0.:Jf.H.\n backtrace (crc dd329dec):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xaa4/0x1f50 [powervr]\n\nunreferenced object 0xffff000042d20000 (size 20480):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 09 00 00 00 0b 00 00 00 ................\n 00 00 00 00 00 00 00 00 07 00 00 00 08 00 00 00 ................\n backtrace (crc 395b02e3):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xb0c/0x1f50 [powervr]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/imagination/pvr_fw.c"], "versions": [{"version": "cc1aeedb98ad347c06ff59e991b2f94dfb4c565d", "lessThan": "490c30fd554597e78f66650044877e7defb5f83c", "status": "affected", "versionType": "git"}, {"version": "cc1aeedb98ad347c06ff59e991b2f94dfb4c565d", "lessThan": "891c12ba855ccb34c06a2e5da75c644683087036", "status": "affected", "versionType": "git"}, {"version": "cc1aeedb98ad347c06ff59e991b2f94dfb4c565d", "lessThan": "a5b230e7f3a55bd8bd8d012eec75a4b7baa671d5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/imagination/pvr_fw.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.25", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14.4", "lessThanOrEqual": "6.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.12.25"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.14.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.15"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/490c30fd554597e78f66650044877e7defb5f83c"}, {"url": "https://git.kernel.org/stable/c/891c12ba855ccb34c06a2e5da75c644683087036"}, {"url": "https://git.kernel.org/stable/c/a5b230e7f3a55bd8bd8d012eec75a4b7baa671d5"}], "title": "drm/imagination: fix firmware memory leaks", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: fix firmware memory leaks\n\nFree the memory used to hold the results of firmware image processing\nwhen the module is unloaded.\n\nFix the related issue of the same memory being leaked if processing\nof the firmware image fails during module load.\n\nEnsure all firmware GEM objects are destroyed if firmware image\nprocessing fails.\n\nFixes memory leaks on powervr module unload detected by Kmemleak:\n\nunreferenced object 0xffff000042e20000 (size 94208):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 02 ae 7f ed bf 45 84 00 3c 5b 1f ed 9f 45 45 05 .....E..<[...EE.\n d5 4f 5d 14 6c 00 3d 23 30 d0 3a 4a 66 0e 48 c8 .O].l.=#0.:Jf.H.\n backtrace (crc dd329dec):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xaa4/0x1f50 [powervr]\n\nunreferenced object 0xffff000042d20000 (size 20480):\n comm \"modprobe\", pid 470, jiffies 4295277154\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 09 00 00 00 0b 00 00 00 ................\n 00 00 00 00 00 00 00 00 07 00 00 00 08 00 00 00 ................\n backtrace (crc 395b02e3):\n kmemleak_alloc+0x30/0x40\n ___kmalloc_large_node+0x140/0x188\n __kmalloc_large_node_noprof+0x2c/0x13c\n __kmalloc_noprof+0x48/0x4c0\n pvr_fw_init+0xb0c/0x1f50 [powervr]"}], "id": "CVE-2025-37764", "lastModified": "2025-05-02T13:53:20.943", "metrics": {}, "published": "2025-05-01T14:15:39.150", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/490c30fd554597e78f66650044877e7defb5f83c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/891c12ba855ccb34c06a2e5da75c644683087036"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a5b230e7f3a55bd8bd8d012eec75a4b7baa671d5"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/imagination: fix firmware memory leaks", "id": "2363346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363346"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/imagination: fix firmware memory leaks\nFree the memory used to hold the results of firmware image processing\nwhen the module is unloaded.\nFix the related issue of the same memory being leaked if processing\nof the firmware image fails during module load.\nEnsure all firmware GEM objects are destroyed if firmware image\nprocessing fails.\nFixes memory leaks on powervr module unload detected by Kmemleak:\nunreferenced object 0xffff000042e20000 (size 94208):\ncomm \"modprobe\", pid 470, jiffies 4295277154\nhex dump (first 32 bytes):\n02 ae 7f ed bf 45 84 00 3c 5b 1f ed 9f 45 45 05 .....E..<[...EE.\nd5 4f 5d 14 6c 00 3d 23 30 d0 3a 4a 66 0e 48 c8 .O].l.=#0.:Jf.H.\nbacktrace (crc dd329dec):\nkmemleak_alloc+0x30/0x40\n___kmalloc_large_node+0x140/0x188\n__kmalloc_large_node_noprof+0x2c/0x13c\n__kmalloc_noprof+0x48/0x4c0\npvr_fw_init+0xaa4/0x1f50 [powervr]\nunreferenced object 0xffff000042d20000 (size 20480):\ncomm \"modprobe\", pid 470, jiffies 4295277154\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 09 00 00 00 0b 00 00 00 ................\n00 00 00 00 00 00 00 00 07 00 00 00 08 00 00 00 ................\nbacktrace (crc 395b02e3):\nkmemleak_alloc+0x30/0x40\n___kmalloc_large_node+0x140/0x188\n__kmalloc_large_node_noprof+0x2c/0x13c\n__kmalloc_noprof+0x48/0x4c0\npvr_fw_init+0xb0c/0x1f50 [powervr]"], "name": "CVE-2025-37764", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-37764\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-37764\nhttps://lore.kernel.org/linux-cve-announce/2025050111-CVE-2025-37764-d81b@gregkh/T"], "threat_severity": "Moderate"}

{}