Linux Kernel Vulnerability in WCD9375 Codecs Affects Device Performance
CVE-2025-38423

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38423?

A vulnerability was identified in the Linux kernel's handling of the WCD9375 codecs that may lead to improper memory management. Specifically, a double free of regulator supplies occurs if the driver calls 'regulator_bulk_free()' in error and remove paths after successfully obtaining regulator supplies using 'devm_regulator_bulk_get()'. This oversight can cause instability within the system, potentially impacting device performance and reliability.

Affected Version(s)

Linux 216d04139a6d0ecaea9432178225b29d367da886

Linux 216d04139a6d0ecaea9432178225b29d367da886 < 63fe298652d4eda07d738bfcbbc59d1343a675ef

References

https://git.kernel.org/stable/c/c8228b5f3d74fd8ad4dfc79d5...

https://git.kernel.org/stable/c/ce30258c05d39b62a05c99016...

https://git.kernel.org/stable/c/63fe298652d4eda07d738bfcb...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025