CVE-2025-21981

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ice: fix memory leak in aRFS after reset<br /> <br /> Fix aRFS (accelerated Receive Flow Steering) structures memory leak by<br /> adding a checker to verify if aRFS memory is already allocated while<br /> configuring VSI. aRFS objects are allocated in two cases:<br /> - as part of VSI initialization (at probe), and<br /> - as part of reset handling<br /> <br /> However, VSI reconfiguration executed during reset involves memory<br /> allocation one more time, without prior releasing already allocated<br /> resources. This led to the memory leak with the following signature:<br /> <br /> [root@os-delivery ~]# cat /sys/kernel/debug/kmemleak<br /> unreferenced object 0xff3c1ca7252e6000 (size 8192):<br /> comm "kworker/0:0", pid 8, jiffies 4296833052<br /> hex dump (first 32 bytes):<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> backtrace (crc 0):<br /> [] __kmalloc_cache_noprof+0x275/0x340<br /> [] ice_init_arfs+0x3a/0xe0 [ice]<br /> [] ice_vsi_cfg_def+0x607/0x850 [ice]<br /> [] ice_vsi_setup+0x5b/0x130 [ice]<br /> [] ice_init+0x1c1/0x460 [ice]<br /> [] ice_probe+0x2af/0x520 [ice]<br /> [] local_pci_probe+0x43/0xa0<br /> [] work_for_cpu_fn+0x13/0x20<br /> [] process_one_work+0x179/0x390<br /> [] worker_thread+0x239/0x340<br /> [] kthread+0xcc/0x100<br /> [] ret_from_fork+0x2d/0x50<br /> [] ret_from_fork_asm+0x1a/0x30<br /> ...