Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-39930

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for device node") uses __free(device_node) for dlc->of_node, but we need to keep it while driver is in use. Don't use __free(device_node) in graph_util_parse_dai().

Published

2025-04-18T07:15:44.460

Last Modified

2025-11-06T21:33:40.150

Status

Analyzed

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 6.14.2	Yes

References

https://git.kernel.org/stable/c/232a32e8a7e9be8a2ee238df9b5304eed2f4e195 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/de74ec718e0788e1998eb7289ad07970e27cae27 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)