CVE-2025-68252 in Linux
Summary
by MITRE • 12/16/2025
In the Linux kernel, the following vulnerability has been resolved:
misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup
In fastrpc_map_lookup, dma_buf_get is called to obtain a reference to the dma_buf for comparison purposes. However, this reference is never released when the function returns, leading to a dma_buf memory leak.
Fix this by adding dma_buf_put before returning from the function, ensuring that the temporarily acquired reference is properly released regardless of whether a matching map is found.
Rule: add
Analysis
by VulDB Data Team • 02/22/2026
The vulnerability identified as CVE-2025-68252 represents a critical memory management flaw within the Linux kernel's fastrpc subsystem that directly impacts the proper handling of dma_buf objects. This issue resides in the fastrpc_map_lookup function where the kernel fails to release a temporarily acquired reference to a dma_buf object, creating a persistent memory leak that can accumulate over time and potentially lead to system instability or resource exhaustion. The flaw specifically manifests when the function calls dma_buf_get to obtain a reference for comparison purposes but neglects to invoke dma_buf_put to release that reference before returning control flow to the calling function. This improper resource management pattern violates fundamental kernel memory management principles and creates a direct pathway for memory leakage within the kernel's device driver framework.
The technical execution of this vulnerability occurs within the context of the fastrpc subsystem which facilitates communication between user-space applications and remote processors in embedded systems, particularly those utilizing Qualcomm Snapdragon and similar SoC architectures. When the fastrpc_map_lookup function processes incoming requests to locate mapped memory regions, it acquires a reference to a dma_buf object solely for comparison operations but fails to properly release this reference. The vulnerability is classified under CWE-404, representing improper resource management where a resource is acquired but not properly released, and specifically aligns with the ATT&CK technique T1059.006 for kernel-level code execution through resource manipulation. This memory leak directly impacts system performance and can lead to progressive degradation as multiple instances of the function are called, each contributing to the accumulation of unreleased dma_buf references that consume kernel memory resources.
The operational impact of CVE-2025-68252 extends beyond simple memory consumption to potentially compromise system stability and availability in embedded and mobile computing environments where fastrpc functionality is actively utilized. The leak occurs in a code path that handles memory mapping operations for inter-process communication between user-space applications and kernel drivers, making it particularly dangerous in systems where frequent memory mapping operations occur. Attackers could potentially exploit this vulnerability to exhaust system memory resources through repeated invocation of the affected function, leading to system crashes or denial-of-service conditions. The vulnerability affects systems running Linux kernels with fastrpc support, particularly those implementing Qualcomm's remote processor communication frameworks, where the fastrpc subsystem is actively engaged in managing memory mappings for device drivers and application communication. The memory leak is particularly concerning in embedded systems with limited memory resources where such accumulation could quickly lead to system instability or complete failure of the device's communication capabilities.
The mitigation strategy for CVE-2025-68252 involves implementing the straightforward fix of adding a dma_buf_put call before function return to properly release the temporarily acquired reference. This solution directly addresses the root cause by ensuring that every dma_buf_get invocation is matched with a corresponding dma_buf_put call, maintaining proper reference counting and preventing resource leakage. The fix aligns with kernel development best practices for resource management and follows the established pattern of proper reference counting in kernel memory management operations. Security administrators should prioritize patching affected systems, particularly those running Linux kernels with fastrpc support in embedded environments, mobile devices, and IoT systems where Qualcomm's remote processor frameworks are utilized. The vulnerability demonstrates the critical importance of proper reference counting in kernel space operations and underscores the necessity of thorough code review processes for memory management functions, especially in subsystems handling device driver communication and memory mapping operations. This fix represents a standard defensive programming approach that prevents resource leaks while maintaining the functional integrity of the fastrpc subsystem and ensuring proper memory management within the Linux kernel's device driver framework.
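The get/put imbalance described above can be reproduced in a small userspace model. This is an added example, not the kernel's fastrpc code: every `model_*` name, the `fd_table` array and the `release_ref` switch are hypothetical stand-ins, and the buffer and fd values are constructed.

```c
#include <stdio.h>
/* Userspace model only: stand-ins for dma_buf, dma_buf_get(), dma_buf_put(). */
struct model_buf { int refs; };
struct model_map { int fd; struct model_buf *buf; struct model_map *next; };
static struct model_buf *fd_table[8];   /* constructed fd -> buffer table */
static struct model_buf *model_buf_get(int fd)
{
    if (fd < 0 || fd >= 8 || !fd_table[fd])
        return NULL;                    /* bad fd: no reference taken */
    fd_table[fd]->refs++;               /* caller now owns one reference */
    return fd_table[fd];
}
static void model_buf_put(struct model_buf *buf) { buf->refs--; }

/* References the buffer only to compare pointers.
 * release_ref: 0 models the pre-fix behaviour, 1 the fixed behaviour. */
static int model_map_lookup(struct model_map *maps, int fd,
                            struct model_map **out, int release_ref)
{
    struct model_buf *buf = model_buf_get(fd);
    int ret = -1;                       /* default: no matching map */
    if (!buf)
        return -2;
    for (struct model_map *m = maps; m; m = m->next)
        if (m->fd == fd && m->buf == buf) {
            *out = m;
            ret = 0;
            break;
        }
    if (release_ref)
        model_buf_put(buf);             /* single exit: hit and miss both release */
    return ret;
}

/* Run n lookups, alternating misses and hits; return the final refcount. */
int refs_after_lookups(int n, int release_ref)
{
    struct model_buf buf = { .refs = 1 };  /* the map's own long-lived reference */
    struct model_map map = { 3, &buf, NULL }, *found = NULL;
    fd_table[3] = &buf;
    for (int i = 0; i < n; i++)
        model_map_lookup(i % 2 ? &map : NULL, 3, &found, release_ref);
    fd_table[3] = NULL;
    return buf.refs;
}

int main(void)
{
    printf("pre-fix: %d  fixed: %d\n", refs_after_lookups(1000, 0), refs_after_lookups(1000, 1));
    return 0;
}
```

In the pre-fix mode the count grows by one per lookup whether or not a map matches, so the buffer can never reach zero references and be freed; a steadily rising reference count on an otherwise idle buffer is the signal to look for when auditing similar lookup helpers.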