CVE-2025-38699

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38699
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38699.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38699
Downstream
Related
Published
2025-09-04T15:32:51.420Z
Modified
2025-11-27T19:34:59.066837Z
Summary
scsi: bfa: Double-free fix
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: bfa: Double-free fix

When the bfadimprobe() function fails during initialization, the memory pointed to by bfad->im is freed without setting bfad->im to NULL.

Subsequently, during driver uninstallation, when the state machine enters the bfadsmstopping state and calls the bfadimprobe_undo() function, it attempts to free the memory pointed to by bfad->im again, thereby triggering a double-free vulnerability.

Set bfad->im to NULL if probing fails.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2025/38xxx/CVE-2025-38699.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
684c92bb08a25ed3c0356bc7eb532ed5b19588dd
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
9337c2affbaebe00b75fdf84ea0e2fcf93c140af
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
ba024d92564580bb90ec367248ace8efe16ce815
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
8e03dd9fadf76db5b9799583074a1a2a54f787f1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
39cfe2c83146aad956318f866d0ee471b7a61fa5
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
13f613228cf3c96a038424cd97aa4d6aadc66294
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
8456f862cb95bcc3a831e1ba87c0c17068be0f3f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
50d9bd48321038bd6e15af5a454bbcd180cf6f80
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
add4c4850363d7c1b72e8fce9ccb21fdd2cf5dc9

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.297
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.241
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.190
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.149
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.103
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.43
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.11
Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
6.16.2