In the Linux kernel, the following vulnerability has been resolved:

perf/core: Exit early on perf_mmap() fail

When perf_mmap() fails to allocate a buffer, it still invokes the
event_mapped() callback of the related event. On X86 this might increase
the perf_rdpmc_allowed reference counter. But nothing undoes this as
perf_mmap_close() is never called in this case, which causes another
reference count leak.

Return early on failure to prevent that.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00047.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux
  • Linux Kernel
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/07091aade394f690e7b655578140ef84d0e8d7b0 cve-icon cve-icon
https://git.kernel.org/stable/c/163b0d1a209fe0df5476c1df2330ca12b55abf92 cve-icon cve-icon
https://git.kernel.org/stable/c/27d44145bd576bbef9bf6165bcd78128ec3e6cbd cve-icon cve-icon
https://git.kernel.org/stable/c/5ffda7f3ed76ec8defc19d985e33b3b82ba07839 cve-icon cve-icon
https://git.kernel.org/stable/c/7ff8521f30c4c2fcd4e88bd7640486602bf8a650 cve-icon cve-icon
https://git.kernel.org/stable/c/92043120a2e992800580855498ab8507e1b22db9 cve-icon cve-icon
https://git.kernel.org/stable/c/9b90a48c7de828a15c7a4fc565d46999c6e22d6b cve-icon cve-icon
https://git.kernel.org/stable/c/de85e72598d89880a02170a1cbc27b35a7d978a9 cve-icon cve-icon
https://git.kernel.org/stable/c/f41e9eba77bf97626e04296dc5677d02816d2432 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025081908-CVE-2025-38565-0f60@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38565 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38565 cve-icon
History

Thu, 28 Aug 2025 14:45:00 +0000

Type Values Removed Values Added
References

Thu, 21 Aug 2025 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Vendors & Products Linux
Linux linux Kernel

Wed, 20 Aug 2025 00:30:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low

Tue, 19 Aug 2025 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed reference counter. But nothing undoes this as perf_mmap_close() is never called in this case, which causes another reference count leak. Return early on failure to prevent that.
Title perf/core: Exit early on perf_mmap() fail
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-09-29T05:53:53.796Z

Reserved: 2025-04-16T04:51:24.025Z

Link: CVE-2025-38565

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-19T17:15:33.077

Modified: 2025-08-28T15:15:53.333

Link: CVE-2025-38565

cve-icon Redhat

Severity : Low

Publid Date: 2025-08-19T00:00:00Z

Links: CVE-2025-38565 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-08-21T12:31:34Z