CVE-2025-38313
Published: Jul 10, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

bus: fsl-mc: fix double-free on mc_dev

The blamed commit tried to simplify how the deallocations are done but, in the process, introduced a double-free on the mc_dev variable.

In case the MC device is a DPRC, a new mc_bus is allocated and the mc_dev variable is just a reference to one of its fields. In this circumstance, on the error path only the mc_bus should be freed.

This commit introduces back the following checkpatch warning which is a false-positive.

```
WARNING: kfree(NULL) is safe and this check is probably not required
+ if (mc_bus)
+ kfree(mc_bus);
```
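The ownership rule in the description, shown as an added example that is not the kernel's code: a userspace C model in which the DPRC case hands out `mc_dev` as a field of `mc_bus`, with an error path that frees both pointers next to one that frees only the owner. The struct layouts, the one-slot allocator and the function names are assumptions made for illustration.

```c
#include <stddef.h>

/* Userspace model; struct layouts, allocator and function names are assumptions. */
struct mc_device { int is_dprc; };
struct mc_bus    { struct mc_device mc_dev; int bus_state; };

/* One-slot allocator that counts invalid frees instead of corrupting a heap. */
static union { struct mc_bus bus; struct mc_device dev; } slot;
static int slot_live, bad_frees;

static void *slot_alloc(void)
{
    if (slot_live)
        return NULL;
    slot_live = 1;
    return &slot;
}

static void slot_free(void *p)
{
    if (!p)
        return;                     /* NULL is a no-op, like kfree(NULL) */
    if (p == (void *)&slot && slot_live)
        slot_live = 0;
    else
        bad_frees++;                /* already freed, or never allocated */
}

/* Allocate as described, then take the error path; returns invalid frees seen. */
static int add_device_fail(int is_dprc, int fixed)
{
    struct mc_bus *mc_bus = NULL;
    struct mc_device *mc_dev;
    bad_frees = 0;
    if (is_dprc && !(mc_bus = slot_alloc()))
        return -1;
    mc_dev = mc_bus ? &mc_bus->mc_dev : slot_alloc();  /* DPRC: a field of mc_bus */
    if (!mc_dev)
        return -1;
    if (fixed) {                    /* free only the real owner */
        if (mc_bus)
            slot_free(mc_bus);
        else
            slot_free(mc_dev);
    } else {                        /* simplified cleanup frees both */
        slot_free(mc_bus);
        slot_free(mc_dev);
    }
    return bad_frees;
}
```

`add_device_fail(1, 0)` reports one invalid free because `mc_dev` and `mc_bus` name the same allocation in the DPRC case; the other three combinations report none.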
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected a042fbed02904493ae6df26ec836045f5a7d3ce2 - < 12e4431e5078847791936820bd39df9e1ee26d2e; affected a042fbed02904493ae6df26ec836045f5a7d3ce2 - < 3135e03a92f6b5259d0a7f25f728e9e7866ede3f; affected a042fbed02904493ae6df26ec836045f5a7d3ce2 - < 7002b954c4a8b9965ba0f139812ee4a6f71beac8; affected a042fbed02904493ae6df26ec836045f5a7d3ce2 - < b2057374f326303c86d8423415ab58656eebc695; affected a042fbed02904493ae6df26ec836045f5a7d3ce2 - < 4b23c46eb2d88924b93aca647bde9a4b9cf62cf9; +3 more versions |
| Linux | Linux | affected 4.13; unaffected 0 - < 4.13; unaffected 5.4.295 - <= 5.4.*; unaffected 5.10.239 - <= 5.10.*; unaffected 5.15.186 - <= 5.15.*; +5 more versions |