### [CVE-2025-21981](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21981) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen) ![](https://img.shields.io/static/v1?label=Version&message=28bf26724fdb0e02267d19e280d6717ee810a10d%20&color=brightgreen) ![](https://img.shields.io/static/v1?label=Version&message=5.8%20&color=brightgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description In the Linux kernel, the following vulnerability has been resolved:ice: fix memory leak in aRFS after resetFix aRFS (accelerated Receive Flow Steering) structures memory leak byadding a checker to verify if aRFS memory is already allocated whileconfiguring VSI. aRFS objects are allocated in two cases:- as part of VSI initialization (at probe), and- as part of reset handlingHowever, VSI reconfiguration executed during reset involves memoryallocation one more time, without prior releasing already allocatedresources. This led to the memory leak with the following signature:[root@os-delivery ~]# cat /sys/kernel/debug/kmemleakunreferenced object 0xff3c1ca7252e6000 (size 8192): comm "kworker/0:0", pid 8, jiffies 4296833052 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): [] __kmalloc_cache_noprof+0x275/0x340 [] ice_init_arfs+0x3a/0xe0 [ice] [] ice_vsi_cfg_def+0x607/0x850 [ice] [] ice_vsi_setup+0x5b/0x130 [ice] [] ice_init+0x1c1/0x460 [ice] [] ice_probe+0x2af/0x520 [ice] [] local_pci_probe+0x43/0xa0 [] work_for_cpu_fn+0x13/0x20 [] process_one_work+0x179/0x390 [] worker_thread+0x239/0x340 [] kthread+0xcc/0x100 [] ret_from_fork+0x2d/0x50 [] ret_from_fork_asm+0x1a/0x30 ... ### POC #### Reference No PoCs from references. #### Github - https://github.com/w4zu/Debian_security