{"id":"AZL-64844","summary":"CVE-2025-38258 affecting package kernel for versions less than 6.6.96.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter-\u003ememcg_path on write\n\nmemcg_path_store() assigns a newly allocated memory buffer to\nfilter-\u003ememcg_path, without deallocating the previously allocated and\nassigned memory buffer.  As a result, users can leak kernel memory by\ncontinuously writing a data to memcg_path DAMOS sysfs file.  Fix the leak\nby deallocating the previously set memory buffer.","modified":"2026-04-01T05:20:24.825370Z","published":"2025-07-09T11:15:28Z","upstream":["CVE-2025-38258"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38258"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.96.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64844.json"}}],"schema_version":"1.7.5"}