CVE-2025-71163
📋 TL;DR
This CVE describes a memory leak vulnerability in the Linux kernel's dmaengine idxd driver. When using the compat bind/unbind sysfs interface, the driver fails to properly release device references, causing gradual memory exhaustion. This affects systems using Intel Data Streaming Accelerator (DSA) hardware with the idxd driver.
💻 Affected Systems
- Linux kernel with idxd driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.
Likely Case
Gradual memory consumption over time when compat bind/unbind operations are performed, potentially leading to performance degradation or system instability.
If Mitigated
Limited impact if sysfs interface access is restricted or if compat operations are not used.
🎯 Exploit Status
Exploitation requires local access and ability to write to sysfs interface. No privilege escalation or code execution demonstrated.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel commits: 0c97ff108f825a70c3bb29d65ddf0a013d231bb9, 799900f01792cf8b525a44764f065f83fcafd468, a7226fd61def74b60dd8e47ec84cabafc39d575b, b2d077180a56e3b7c97b7517d0465b584adc693b, b7bd948f89271c92d9ca9b2b682bfba56896e959
Vendor Advisory: https://git.kernel.org/stable/c/0c97ff108f825a70c3bb29d65ddf0a013d231bb9
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fixes. 2. Reboot system. 3. Verify idxd driver version includes the referenced commits.
🔧 Temporary Workarounds
Restrict sysfs access
linuxLimit access to idxd sysfs interface to prevent unauthorized bind/unbind operations
chmod 600 /sys/class/dma/dma*chan*/compat_bind
chmod 600 /sys/class/dma/dma*chan*/compat_unbind
Disable compat interface
linuxRemove compat bind/unbind sysfs entries if not required
echo 0 > /sys/module/dma_idxd/parameters/compat_support
🧯 If You Can't Patch
- Monitor system memory usage for unusual growth patterns
- Restrict local user access to systems with idxd hardware
🔍 How to Verify
Check if Vulnerable:
Check if kernel version includes vulnerable idxd driver code: grep -r 'compat_bind\|compat_unbind' /sys/class/dma/Check Version:
uname -rVerify Fix Applied:
Verify kernel includes fix commits: git log --oneline | grep -E '0c97ff108f825a70c3bb29d65ddf0a013d231bb9|799900f01792cf8b525a44764f065f83fcafd468|a7226fd61def74b60dd8e47ec84cabafc39d575b|b2d077180a56e3b7c97b7517d0465b584adc693b|b7bd948f89271c92d9ca9b2b682bfba56896e959'📡 Detection & Monitoring
Log Indicators:
- Kernel OOM (Out of Memory) messages
- System memory exhaustion alerts
- Unusual memory consumption by kernel processes
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("Out of memory" OR "oom" OR "memory allocation failure") AND process="kernel"🔗 References
- https://git.kernel.org/stable/c/0c97ff108f825a70c3bb29d65ddf0a013d231bb9
- https://git.kernel.org/stable/c/799900f01792cf8b525a44764f065f83fcafd468
- https://git.kernel.org/stable/c/a7226fd61def74b60dd8e47ec84cabafc39d575b
- https://git.kernel.org/stable/c/b2d077180a56e3b7c97b7517d0465b584adc693b
- https://git.kernel.org/stable/c/b7bd948f89271c92d9ca9b2b682bfba56896e959
- https://git.kernel.org/stable/c/c81ea0222eaaafdd77348e27d1e84a1b8cfc0c99
