CVE-2025-39930

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for device node") uses __free(device_node) for dlc->of_node, but we need to keep it while driver is in use. Don't use __free(device_node) in graph_util_parse_dai().

References

https://git.kernel.org/stable/c/de74ec718e0788e1998eb7289ad07970e27cae27

https://git.kernel.org/stable/c/232a32e8a7e9be8a2ee238df9b5304eed2f4e195

Details

Source: Mitre, NVD

Published: 2025-04-18

Updated: 2025-04-21

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 5.6

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H

Severity: Medium

EPSS

EPSS: 0.00018