CVE-2025-38390

Published: Jul 25, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf ("firmware: arm_ffa: Add interfaces to request notification callbacks") adds support for notifier callbacks by allocating and inserting a callback node into a hashtable during registration of notifiers. However, during unregistration, the code only removes the node from the hashtable without freeing the associated memory, resulting in a memory leak. Resolve the memory leak issue by ensuring the allocated notifier callback node is properly freed after it is removed from the hashtable entry.

Vendor	Product	Versions
Linux	Linux	affected `e0573444edbf4ee7e3c191d3d08a4ccbd26628be - < 076fa20b4f5737c34921dbb152f9efceaee571b2` affected `e0573444edbf4ee7e3c191d3d08a4ccbd26628be - < 938827c440564b2cf2f9b804d1fe81ce8267eded` affected `e0573444edbf4ee7e3c191d3d08a4ccbd26628be - < a833d31ad867103ba72a0b73f3606f4ab8601719`
Linux	Linux	affected `6.7` unaffected `0 - < 6.7` unaffected `6.12.37 - <= 6.12.` unaffected `6.15.6 - <= 6.15.` unaffected `6.16 - <= *`

References

https://git.kernel.org/stable/c/076fa20b4f5737c34921dbb152f9efceaee571b2

https://git.kernel.org/stable/c/938827c440564b2cf2f9b804d1fe81ce8267eded

https://git.kernel.org/stable/c/a833d31ad867103ba72a0b73f3606f4ab8601719

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38390

Description

Affected Products

References