CVE-2025-38421
HIGHDescription
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev->buf was freed but never set to NULL and is again freed in amd_pmf_remove(). To avoid subtle allocation bugs in failures leading to a double free change all allocations into device managed allocations.
Is your site exposed to CVE-2025-38421?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
References
Frequently Asked Questions
What is CVE-2025-38421? +
How severe is CVE-2025-38421? +
What products are affected by CVE-2025-38421? +
How do I check if I'm vulnerable to CVE-2025-38421? +
Related Vulnerabilities
A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending …
The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if …
A denial-of-service security issue exists in the affected products. The security issue stems from improper handling of exceptional conditions when …
A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Master Branch (ab0ee111) and 2.5.0. …
A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch …
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect `AMQP_VALUE` failed …