CVE-2025-39679

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-39679
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-39679.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-39679
Downstream
Related
Published
2025-09-05T17:20:45.357Z
Modified
2025-11-20T10:22:01.733571Z
Summary
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/nouveau/nvif: Fix potential memory leak in nvifvmmctor().

When the nvifvmmtype is invalid, we will return error directly without freeing the args in nvifvmmctor(), which leading a memory leak. Fix it by setting the ret -EINVAL and goto done.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6b252cf42281045a9f803d2198023500cfa6ebd2
Fixed
72553fe19317fe93cb8591c83095c446bc7fe292
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6b252cf42281045a9f803d2198023500cfa6ebd2
Fixed
cabcb52d76d3d42f16c344a96e098dd9d18602f8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6b252cf42281045a9f803d2198023500cfa6ebd2
Fixed
7d9110e3b35d08832661da1a1fc2d24455981a04
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6b252cf42281045a9f803d2198023500cfa6ebd2
Fixed
bb8aeaa3191b617c6faf8ae937252e059673b7ea

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.16.1
v6.16.2
v6.16.3
v6.5
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.100
v6.6.101
v6.6.102
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.79
v6.6.8
v6.6.80
v6.6.81
v6.6.82
v6.6.83
v6.6.84
v6.6.85
v6.6.86
v6.6.87
v6.6.88
v6.6.89
v6.6.9
v6.6.90
v6.6.91
v6.6.92
v6.6.93
v6.6.94
v6.6.95
v6.6.96
v6.6.97
v6.6.98
v6.6.99
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1598.0,
            "function_hash": "290612315824145672614121716604827908911"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cabcb52d76d3d42f16c344a96e098dd9d18602f8",
        "target": {
            "file": "drivers/gpu/drm/nouveau/nvif/vmm.c",
            "function": "nvif_vmm_ctor"
        },
        "id": "CVE-2025-39679-1189caf8"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "250808697624696241817632887665002796839",
                "314311392658020062367301000025094589565",
                "100890239781293230607301407251627366067",
                "243090179107672739742879152559149118082"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cabcb52d76d3d42f16c344a96e098dd9d18602f8",
        "target": {
            "file": "drivers/gpu/drm/nouveau/nvif/vmm.c"
        },
        "id": "CVE-2025-39679-36d3856e"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1598.0,
            "function_hash": "290612315824145672614121716604827908911"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@72553fe19317fe93cb8591c83095c446bc7fe292",
        "target": {
            "file": "drivers/gpu/drm/nouveau/nvif/vmm.c",
            "function": "nvif_vmm_ctor"
        },
        "id": "CVE-2025-39679-6e2e3504"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "250808697624696241817632887665002796839",
                "314311392658020062367301000025094589565",
                "100890239781293230607301407251627366067",
                "243090179107672739742879152559149118082"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@72553fe19317fe93cb8591c83095c446bc7fe292",
        "target": {
            "file": "drivers/gpu/drm/nouveau/nvif/vmm.c"
        },
        "id": "CVE-2025-39679-d7f624d0"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1598.0,
            "function_hash": "290612315824145672614121716604827908911"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7d9110e3b35d08832661da1a1fc2d24455981a04",
        "target": {
            "file": "drivers/gpu/drm/nouveau/nvif/vmm.c",
            "function": "nvif_vmm_ctor"
        },
        "id": "CVE-2025-39679-e38e4625"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "250808697624696241817632887665002796839",
                "314311392658020062367301000025094589565",
                "100890239781293230607301407251627366067",
                "243090179107672739742879152559149118082"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7d9110e3b35d08832661da1a1fc2d24455981a04",
        "target": {
            "file": "drivers/gpu/drm/nouveau/nvif/vmm.c"
        },
        "id": "CVE-2025-39679-f98d4806"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.103
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.44
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.16.4