Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-38421

Опубликовано: 25 июл. 2025
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/amd: pmf: Use device managed allocations

If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev->buf was freed but never set to NULL and is again freed in amd_pmf_remove().

To avoid subtle allocation bugs in failures leading to a double free change all allocations into device managed allocations.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.12.23 (включая) до 6.13 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.13.11 (включая) до 6.14 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.14.1 (включая) до 6.15.4 (исключая)
cpe:2.3:o:linux:linux_kernel:6.14:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*

EPSS

Процентиль: 3%
0.00016
Низкий

7.8 High

CVSS3

Дефекты

CWE-415

Связанные уязвимости

ubuntu логотип

CVE-2025-38421

CVSS3: 7.8
ubuntu
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev->buf was freed but never set to NULL and is again freed in amd_pmf_remove(). To avoid subtle allocation bugs in failures leading to a double free change all allocations into device managed allocations.

redhat логотип

CVE-2025-38421

CVSS3: 5.5
redhat
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev->buf was freed but never set to NULL and is again freed in amd_pmf_remove(). To avoid subtle allocation bugs in failures leading to a double free change all allocations into device managed allocations.

debian логотип

CVE-2025-38421

CVSS3: 7.8
debian
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: p ...

github логотип

GHSA-mxc4-v7c2-8m69

CVSS3: 7.8
github
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev->buf was freed but never set to NULL and is again freed in amd_pmf_remove(). To avoid subtle allocation bugs in failures leading to a double free change all allocations into device managed allocations.

fstec логотип

BDU:2025-09136

CVSS3: 5.5
fstec
7 месяцев назад

Уязвимость функции amd_pmf_remove() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 3%
0.00016
Низкий

7.8 High

CVSS3

Дефекты

CWE-415