CVE-2025-38344: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-38344 was discovered in the Linux kernel's ACPICA (Advanced Configuration and Power Interface Component Architecture) subsystem. The vulnerability was identified by Seunghun Han from the National Security Research Institute of South Korea and was disclosed on July 10, 2025. The issue involves cache leaks in the ACPI parse and parseext components during early abort cases (NVD CVE).

The vulnerability stems from a memory leak in the ACPI cache system where 'Acpi-Parse' cache and 'Acpi-parseext' cache were being leaked due to improper handling of the SLABNEVERMERGE flag in the kmemcachecreate() function. The issue manifests when the ACPI interpreter fails to start properly, leading to cache objects remaining in memory. This was confirmed through detailed analysis of boot logs showing the leak points in both Acpi-Parse and Acpi-parseext caches (NVD CVE).

The vulnerability results in memory leaks during system boot when ACPI initialization fails. While the immediate impact appears to be limited to resource consumption, persistent memory leaks can lead to system instability and potential resource exhaustion over time (Debian Tracker).

The issue has been fixed in Linux kernel version 6.12.35-1 and later releases. The fix involves proper handling of cache cleanup during ACPI initialization failures. Users are advised to upgrade to the patched versions. The vulnerability affects multiple distributions including Debian bullseye, bookworm, and trixie, with fixes available in their respective security updates (Debian Tracker).