CVE-2025-38313
published 2025-07-10CVE-2025-38313: In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mc_dev The blamed commit tried to simplify how the…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In the Linux kernel, the following vulnerability has been resolved:
bus: fsl-mc: fix double-free on mc_dev
The blamed commit tried to simplify how the deallocations are done but,
in the process, introduced a double-free on the mc_dev variable.
In case the MC device is a DPRC, a new mc_bus is allocated and the
mc_dev variable is just a reference to one of its fields. In this
circumstance, on the error path only the mc_bus should be freed.
This commit introduces back the following checkpatch warning which is a
false-positive.
WARNING: kfree(NULL) is safe and this check is probably not required
+ if (mc_bus)
+ kfree(mc_bus);
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < 12e4431e5078847791936820bd39df9e1ee26d2e | 12e4431e5078847791936820bd39df9e1ee26d2e |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < 3135e03a92f6b5259d0a7f25f728e9e7866ede3f | 3135e03a92f6b5259d0a7f25f728e9e7866ede3f |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < 7002b954c4a8b9965ba0f139812ee4a6f71beac8 | 7002b954c4a8b9965ba0f139812ee4a6f71beac8 |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < b2057374f326303c86d8423415ab58656eebc695 | b2057374f326303c86d8423415ab58656eebc695 |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < 4b23c46eb2d88924b93aca647bde9a4b9cf62cf9 | 4b23c46eb2d88924b93aca647bde9a4b9cf62cf9 |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < 1d5baab39e5b09a76870b345cdee7933871b881f | 1d5baab39e5b09a76870b345cdee7933871b881f |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < 873d47114fd5e5a1cad2018843671537cc71ac84 | 873d47114fd5e5a1cad2018843671537cc71ac84 |
| linux | linux | >= a042fbed02904493ae6df26ec836045f5a7d3ce2 < d694bf8a9acdbd061596f3e7549bc8cb70750a60 | d694bf8a9acdbd061596f3e7549bc8cb70750a60 |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 5.15.0-156.166 | 5.15.0-156.166 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 4.13 < 5.4.295 | 5.4.295 |
| linux | linux_kernel | >= 5.11 < 5.15.186 | 5.15.186 |
| linux | linux_kernel | >= 5.16 < 6.1.142 | 6.1.142 |
| linux | linux_kernel | >= 5.5 < 5.10.239 | 5.10.239 |
| linux | linux_kernel | >= 6.13 < 6.15.3 | 6.15.3 |
| linux | linux_kernel | >= 6.2 < 6.6.94 | 6.6.94 |
| linux | linux_kernel | >= 6.7 < 6.12.34 | 6.12.34 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH