CVE-2025-38479

18.04.2025, 07:15

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: fsl-edma: free irq correctly in remove path

Add fsl_edma->txirq/errirq check to avoid below warning because no
errirq at i.MX9 platform. Otherwise there will be kernel dump:
WARNING: CPU: 0 PID: 11 at kernel/irq/devres.c:144 devm_free_irq+0x74/0x80
Modules linked in:
CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.12.0-rc7#18
Hardware name: NXP i.MX93 11X11 EVK board (DT)
Workqueue: events_unbound deferred_probe_work_func
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : devm_free_irq+0x74/0x80
lr : devm_free_irq+0x48/0x80
Call trace:
 devm_free_irq+0x74/0x80 (P)
 devm_free_irq+0x48/0x80 (L)
 fsl_edma_remove+0xc4/0xc8
 platform_remove+0x28/0x44
 device_remove+0x4c/0x80

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 5%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bookworm	6.1.137-1 not-affected
bullseye (security)	5.10.237-1 fixed
bookworm (security)	6.1.140-1 fixed
trixie	6.12.27-1 fixed
sid	6.12.30-1 fixed

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Zustand oder nicht näher spezifizierte Auswirkungen zu verursachen.
Published: 2025-04-21T22:00:00+00:00

References

https://git.kernel.org/stable/c/38ff8769074db27387cb2323aaa751e59d168e6a

https://git.kernel.org/stable/c/55e2dbe2ba787d4fc2306f6bb2f43fb32176e184

https://git.kernel.org/stable/c/f3834d2d68749e4760c27325149765930ad876fd

https://git.kernel.org/stable/c/fa70c4c3c580c239a0f9e83a14770ab026e8d820