github - ghsa-rvp5-xxqc-hg2f

ghsa-rvp5-xxqc-hg2f

Vulnerability from github

Published

2025-07-25 15:30

Modified

2025-07-25 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: codecs: wcd9375: Fix double free of regulator supplies

Driver gets regulator supplies in probe path with devm_regulator_bulk_get(), so should not call regulator_bulk_free() in error and remove paths to avoid double free.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-38423"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T15:15:27Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd9375: Fix double free of regulator supplies\n\nDriver gets regulator supplies in probe path with\ndevm_regulator_bulk_get(), so should not call regulator_bulk_free() in\nerror and remove paths to avoid double free.",
  "id": "GHSA-rvp5-xxqc-hg2f",
  "modified": "2025-07-25T15:30:54Z",
  "published": "2025-07-25T15:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38423"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/63fe298652d4eda07d738bfcbbc59d1343a675ef"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c8228b5f3d74fd8ad4dfc79d5d601eb6fca5e63e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ce30258c05d39b62a05c99016d7148b3bf60fbdc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2025-38423 (GCVE-0-2025-38423)

Vulnerability from cvelistv5

Published

2025-07-25 14:16

Modified

2025-07-28 04:21

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9375: Fix double free of regulator supplies Driver gets regulator supplies in probe path with devm_regulator_bulk_get(), so should not call regulator_bulk_free() in error and remove paths to avoid double free.

References

►

URL

Tags

	https://git.kernel.org/stable/c/c8228b5f3d74fd8ad4dfc79d5d601eb6fca5e63e
	https://git.kernel.org/stable/c/ce30258c05d39b62a05c99016d7148b3bf60fbdc
	https://git.kernel.org/stable/c/63fe298652d4eda07d738bfcbbc59d1343a675ef

Impacted products

Vendor

Product

Version

►

Version: 216d04139a6d0ecaea9432178225b29d367da886
Version: 216d04139a6d0ecaea9432178225b29d367da886
Version: 216d04139a6d0ecaea9432178225b29d367da886

Version: 6.11

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "sound/soc/codecs/wcd937x.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c8228b5f3d74fd8ad4dfc79d5d601eb6fca5e63e",
              "status": "affected",
              "version": "216d04139a6d0ecaea9432178225b29d367da886",
              "versionType": "git"
            },
            {
              "lessThan": "ce30258c05d39b62a05c99016d7148b3bf60fbdc",
              "status": "affected",
              "version": "216d04139a6d0ecaea9432178225b29d367da886",
              "versionType": "git"
            },
            {
              "lessThan": "63fe298652d4eda07d738bfcbbc59d1343a675ef",
              "status": "affected",
              "version": "216d04139a6d0ecaea9432178225b29d367da886",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "sound/soc/codecs/wcd937x.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.11"
            },
            {
              "lessThan": "6.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.35",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.35",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.4",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd9375: Fix double free of regulator supplies\n\nDriver gets regulator supplies in probe path with\ndevm_regulator_bulk_get(), so should not call regulator_bulk_free() in\nerror and remove paths to avoid double free."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T04:21:46.347Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c8228b5f3d74fd8ad4dfc79d5d601eb6fca5e63e"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce30258c05d39b62a05c99016d7148b3bf60fbdc"
        },
        {
          "url": "https://git.kernel.org/stable/c/63fe298652d4eda07d738bfcbbc59d1343a675ef"
        }
      ],
      "title": "ASoC: codecs: wcd9375: Fix double free of regulator supplies",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38423",
    "datePublished": "2025-07-25T14:16:43.940Z",
    "dateReserved": "2025-04-16T04:51:24.014Z",
    "dateUpdated": "2025-07-28T04:21:46.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.