CVE-2025-39930 — Linux vulnerability
12 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 75.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 18
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai()
commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for
device node") uses __free(device_node) for dlc->of_node, but we need to
keep it while driver is in use.
Don't use __free(device_node) in graph_util_parse_dai().
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linuxe03f8d14191142849abad62307d4128afd304521 — 146e25625378f7d4463acbd1ffbd975f3332a806+4
Patches
🔴Vulnerability Details
5OSV▶
CVE-2025-39930: In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() c↗2025-04-18
GHSA▶
GHSA-9q9v-qmg6-ffwc: In the Linux kernel, the following vulnerability has been resolved:
ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai()↗2025-04-18
💥Exploits & PoCs
1📋Vendor Advisories
5Red Hat
▶
Debian▶
CVE-2025-39930: linux - In the Linux kernel, the following vulnerability has been resolved: ASoC: simpl...↗2025