CVE-2025-39771

11.09.2025, 17:15

In the Linux kernel, the following vulnerability has been resolved:

regulator: pca9450: Use devm_register_sys_off_handler

With module test, there is error dump:
------------[ cut here ]------------
  notifier callback pca9450_i2c_restart_handler already registered
  WARNING: kernel/notifier.c:23 at notifier_chain_register+0x5c/0x88,
  CPU#0: kworker/u16:3/50
  Call trace:
  notifier_chain_register+0x5c/0x88 (P)
  atomic_notifier_chain_register+0x30/0x58
  register_restart_handler+0x1c/0x28
  pca9450_i2c_probe+0x418/0x538
  i2c_device_probe+0x220/0x3d0
  really_probe+0x114/0x410
  __driver_probe_device+0xa0/0x150
  driver_probe_device+0x40/0x114
  __device_attach_driver+0xd4/0x12c

So use devm_register_sys_off_handler to let kernel handle the resource
free to avoid kernel dump.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
trixie	6.12.43-1 not-affected
bookworm	6.1.148-1 not-affected
bullseye (security)	5.10.237-1 fixed
bookworm (security)	6.1.147-1 fixed
trixie (security)	6.12.41-1 fixed
forky	vulnerable
sid	6.16.6-1 fixed

References

https://git.kernel.org/stable/c/447be50598c05499f7ccc2b1f6ddb3da30f8099a

https://git.kernel.org/stable/c/7a8c8aa0b0b2c62a0232bf868def85f3069ba7a7