CVE-2025-38421

{"id": "CVE-2025-38421", "cveTags": [], "metrics": {}, "published": "2025-07-25T15:15:26.927", "references": [{"url": "https://git.kernel.org/stable/c/0d10b532f861253c283863522d59d099fcb0796d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d9db3a941270d92bbd1a6a6b54a10324484f2f2d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd: pmf: Use device managed allocations\n\nIf setting up smart PC fails for any reason then this can lead to\na double free when unloading amd-pmf. This is because dev->buf was\nfreed but never set to NULL and is again freed in amd_pmf_remove().\n\nTo avoid subtle allocation bugs in failures leading to a double free\nchange all allocations into device managed allocations."}], "lastModified": "2025-07-25T15:29:19.837", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}