CVE-2025-38313

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A double-free issue was identified in the fsl-mc bus driver within the Linux kernel. A commit intended to simplify deallocation procedures inadvertently introduced a double-free on the mc dev variable. This occurs specifically when the MC device is a DPRC (Direct Peripheral Resource Controller), where mc dev serves as a reference to a field within a newly allocated mc bus. In error scenarios, only mc bus should be freed, but the flawed commit attempted to free both mc dev and mc bus. The commit also reintroduces a checkpatch warning regarding kfree(NULL), which is considered a false positive.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.