CVE-2025-38313
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-12-19
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 4.13 (inc) to 5.4.295 (exc) |
| linux | linux_kernel | From 5.5 (inc) to 5.10.239 (exc) |
| linux | linux_kernel | From 5.11 (inc) to 5.15.186 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.142 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.6.94 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.34 (exc) |
| linux | linux_kernel | From 6.13 (inc) to 6.15.3 (exc) |
| debian | debian_linux | 11.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-415 | The product calls free() twice on the same memory address. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a double-free issue in the Linux kernel's fsl-mc bus driver related to the mc_dev variable. A double-free occurs when the same memory is freed more than once, which can lead to undefined behavior or security issues. The problem arose because a commit intended to simplify memory deallocation mistakenly freed mc_dev twice. Specifically, when the MC device is a DPRC, mc_dev is a reference to a field within a newly allocated mc_bus structure, and only mc_bus should be freed on error paths, not mc_dev separately. The fix reintroduced a check to ensure only mc_bus is freed, preventing the double-free.
How can this vulnerability impact me? :
This double-free vulnerability can lead to memory corruption, which may cause system instability, crashes, or potentially allow an attacker to execute arbitrary code or escalate privileges on the affected system. Since it involves kernel memory management, exploitation could compromise the security and reliability of the Linux system running the vulnerable driver.