U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2025-38313 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mc_dev The blamed commit tried to simplify how the deallocations are done but, in the process, introduced a double-free on the mc_dev variable. In case the MC device is a DPRC, a new mc_bus is allocated and the mc_dev variable is just a reference to one of its fields. In this circumstance, on the error path only the mc_bus should be freed. This commit introduces back the following checkpatch warning which is a false-positive. WARNING: kfree(NULL) is safe and this check is probably not required + if (mc_bus) + kfree(mc_bus);


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/12e4431e5078847791936820bd39df9e1ee26d2e kernel.org
https://git.kernel.org/stable/c/1d5baab39e5b09a76870b345cdee7933871b881f kernel.org
https://git.kernel.org/stable/c/3135e03a92f6b5259d0a7f25f728e9e7866ede3f kernel.org
https://git.kernel.org/stable/c/4b23c46eb2d88924b93aca647bde9a4b9cf62cf9 kernel.org
https://git.kernel.org/stable/c/7002b954c4a8b9965ba0f139812ee4a6f71beac8 kernel.org
https://git.kernel.org/stable/c/873d47114fd5e5a1cad2018843671537cc71ac84 kernel.org
https://git.kernel.org/stable/c/b2057374f326303c86d8423415ab58656eebc695 kernel.org
https://git.kernel.org/stable/c/d694bf8a9acdbd061596f3e7549bc8cb70750a60 kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2025-38313
NVD Published Date:
07/10/2025
NVD Last Modified:
07/10/2025
Source:
kernel.org