CVE-2025-37980
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk5th percentile - higher than 5% of all known CVEs
Summary
A resource leak was found in the Linux kernel's blk_register_queue() function error path. When queue registration succeeds for blk_mq_sysfs_register() but a later error occurs, the missing blk_mq_sysfs_unregister() call causes a memory leak.
Risk Assessment
Memory leak can degrade system performance and, in extreme cases, exhaust available memory, potentially causing system or service crashes.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit adding blk_mq_sysfs_unregister() in the error path). Monitor patch availability for your distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is successful but the function later encounters an error, we need to clean up the blk_mq_sysfs resources. Add the missing blk_mq_sysfs_unregister() call in the error path to properly clean up these resources and prevent a memory leak.

