vulnerability

SUSE: CVE-2025-21770: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Jul 8, 2025
Added
Dec 5, 2025
Modified
Dec 5, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

iommu: Fix potential memory leak in iopf_queue_remove_device()

The iopf_queue_remove_device() helper removes a device from the per-iommu
iopf queue when PRI is disabled on the device. It responds to all
outstanding iopf's with an IOMMU_PAGE_RESP_INVALID code and detaches the
device from the queue.

However, it fails to release the group structure that represents a group
of iopf's awaiting for a response after responding to the hardware. This
can cause a memory leak if iopf_queue_remove_device() is called with
pending iopf's.

Fix it by calling iopf_free_group() after the iopf group is responded.

Solutions

suse-upgrade-kernel-64kbsuse-upgrade-kernel-64kb-develsuse-upgrade-kernel-64kb-extrasuse-upgrade-kernel-azuresuse-upgrade-kernel-azure-develsuse-upgrade-kernel-azure-extrasuse-upgrade-kernel-azure-vdsosuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-basesuse-upgrade-kernel-default-develsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-livepatchsuse-upgrade-kernel-default-vdsosuse-upgrade-kernel-develsuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-docs-htmlsuse-upgrade-kernel-kvmsmallsuse-upgrade-kernel-kvmsmall-develsuse-upgrade-kernel-kvmsmall-vdsosuse-upgrade-kernel-macrossuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-obs-qasuse-upgrade-kernel-sourcesuse-upgrade-kernel-source-azuresuse-upgrade-kernel-source-vanillasuse-upgrade-kernel-symssuse-upgrade-kernel-syms-azuresuse-upgrade-kernel-zfcpdumpsuse-upgrade-reiserfs-kmp-default

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today