CVE-2025-38423

HIGH

Linux Kernel 6.11-6.12.34, 6.13-6.15.3, 6.16 - Use-After-Free in WCD9375 Regulator Supplies

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9375: Fix double free of regulator supplies Driver gets regulator supplies in probe path with devm_regulator_bulk_get(), so should not call regulator_bulk_free() in error and remove paths to avoid double free.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/c8228b5f3d74fd8ad4dfc79d5d601eb6fca5e63e

Patch

https://git.kernel.org/stable/c/ce30258c05d39b62a05c99016d7148b3bf60fbdc

Patch

https://git.kernel.org/stable/c/63fe298652d4eda07d738bfcbbc59d1343a675ef

Scores

CVSS v3 7.8

EPSS 0.0015

EPSS Percentile 4.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-415

Status published

Products (11)

linux/Kernel 6.11.0 - 6.12.35linux

linux/Kernel 6.13.0 - 6.15.4linux

Linux/Linux < 6.11

Linux/Linux 216d04139a6d0ecaea9432178225b29d367da886 - 63fe298652d4eda07d738bfcbbc59d1343a675ef

Linux/Linux 216d04139a6d0ecaea9432178225b29d367da886 - c8228b5f3d74fd8ad4dfc79d5d601eb6fca5e63e

Linux/Linux 216d04139a6d0ecaea9432178225b29d367da886 - ce30258c05d39b62a05c99016d7148b3bf60fbdc

Linux/Linux 6.11

Linux/Linux 6.12.35 - 6.12.*

Linux/Linux 6.15.4 - 6.15.*

Linux/Linux 6.16

... and 1 more

Published Jul 25, 2025

Tracked Since Feb 18, 2026