PT-2025-17274 · Linux+4 · Linux Kernel+4

Published

2025-03-10

Updated

2026-01-26

CVE-2025-38479

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc7

Description A vulnerability in the Linux kernel has been resolved, related to the dmaengine and specifically the fsl-edma component. The issue was caused by not freeing the irq correctly in the remove path, leading to a kernel dump warning. This warning occurred because there was no errirq at the i.MX9 platform. The vulnerability was resolved by adding a check for fsl edma->txirq/errirq to avoid the warning.

Recommendations For Linux kernel versions prior to 6.12.0-rc7, update to a version that includes the fix for the dmaengine vulnerability, specifically the fsl-edma component, to ensure that the irq is freed correctly in the remove path. As a temporary workaround, consider disabling the fsl-edma component until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-371

Related Identifiers

BDU:2025-12013

CVE-2025-38479

USN-7594-1

USN-7594-2

USN-7594-3

USN-7605-1

USN-7605-2

USN-7606-1

USN-7628-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2025-17274 · Linux+4 · Linux Kernel+4

CVE-2025-38479

Weakness Enumeration

Related Identifiers

Affected Products

References · 475