DEBIAN-CVE-2025-21978

DEBIAN-CVE-2025-21978 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: drm/hyperv: Fix address space leak when Hyper-V DRM device is removed When a Hyper-V DRM device is probed, the driver allocates MMIO space for the vram, and maps it cacheable. If the device removed, or in the error path for device probing, the MMIO space is released but no unmap is done. Consequently the kernel address space for the mapping is leaked. Fix this by adding iounmap() calls in the device removal path, and in the error path during device probing.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	linux	0, 0
Debian:11	linux-6.1	0, 6.1.106-3~deb11u1, 6.1.106-3~deb11u2
Debian:12	linux	6.1.52-1, 6.1.55-1, 6.1.55-1~bpo11+1
Debian:14	linux	0, 0

Timeline

Apr 1, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-21978 advisory

Open in Interactive Console →