Linux Kernel Vulnerability Affecting fbnic Components
CVE-2025-38341
What is CVE-2025-38341?
A vulnerability in the Linux kernel's fbnic components allows for a potential double free condition when an error occurs during the DMA mapping of firmware messages. The issue arises when the caller of the fbnic_mbx_map_msg() function does not properly handle the ownership of the message on error, leading to possible memory corruption. Proper management of memory is crucial to ensure the stability and security of the kernel, and existing callers are expected to free the memory page, however, failure to properly implement this can introduce vulnerabilities.
Affected Version(s)
Linux da3cde08209ec1c915195c2331c275397f34a731 < 670179265ad787b9dd8e701601914618b8927755
Linux da3cde08209ec1c915195c2331c275397f34a731 < 0a211e23852019ef55c70094524e87a944accbb5
Linux da3cde08209ec1c915195c2331c275397f34a731 < 5bd1bafd4474ee26f504b41aba11f3e2a1175b88