CVE-2025-37941

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe() When snd_soc_dapm_new_controls() or snd_soc_dapm_add_routes() fails, wcd937x_soc_codec_probe() returns without releasing 'wcd937x->clsh_info', which is allocated by wcd_clsh_ctrl_alloc. Add wcd_clsh_ctrl_free() to prevent potential memory leak.

References

https://git.kernel.org/stable/c/b573e04116fd33b9143fa276bbab2f0afad0a1ae

https://git.kernel.org/stable/c/acadb2e2b3c5b9977a843a3a94fece9bdcf6aea1

https://git.kernel.org/stable/c/aafb5325aca3e806b3ea3707402189263473d257

https://git.kernel.org/stable/c/3e330acf4efd63876d673c046cd073a1d4ed57a8

Details

Source: Mitre, NVD

Published: 2025-05-20

Updated: 2025-05-21

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 5.6

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H

Severity: Medium

EPSS

EPSS: 0.00018