CVE-2025-38259

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A memory leak exists in the WCD9335 audio codec driver due to the failure to free regulator supplies in error paths and during unbind operations. The driver obtains and enables regulator supplies but does not release them, leading to memory leaks and an unbalanced regulator enable count. The issue is addressed by converting the code to use devm regulator bulk get enable(), which simplifies the code and ensures proper cleanup.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Leak

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-416

Related Identifiers

AZL-64863

BDU:2025-13465

CVE-2025-38259

DLA-4328-1

DSA-5973-1

ECHO-988A-208B-EB6C

MGASA-2025-0218

MGASA-2025-0219

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:02996-1

SUSE-SU-2025:02997-1

SUSE-SU-2025:03011-1

SUSE-SU-2025:03023-1

SUSE-SU-2025:20577-1

SUSE-SU-2025:20586-1

SUSE-SU-2025:20601-1

SUSE-SU-2025:20602-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025_02853-1

SUSE-SU-2025_02969-1

SUSE-SU-2025_02996-1

SUSE-SU-2025_02997-1

SUSE-SU-2025_03011-1

SUSE-SU-2025_03023-1

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

Wcd9335

CVE-2025-38259

Weakness Enumeration

Related Identifiers

Affected Products

References · 3203