CVE-2025-38419

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38419
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38419.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38419
Downstream
Related
Published
2025-07-25T14:15:33Z
Modified
2025-08-12T21:47:51.308441Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

remoteproc: core: Cleanup acquired resources when rprochandleresources() fails in rproc_attach()

When rproc->state = RPROCDETACHED and rprocattach() is used to attach to the remote processor, if rprochandleresources() returns a failure, the resources allocated by imxrprocprepare() should be released, otherwise the following memory leak will occur.

Since almost the same thing is done in imxrprocprepare() and rprocresourcecleanup(), Function rprocresourcecleanup() is able to deal with empty lists so it is better to fix the "goto" statements in rprocattach(). replace the "unpreparedevice" goto statement with "cleanupresources" and get rid of the "unprepare_device" label.

unreferenced object 0xffff0000861c5d00 (size 128): comm "kworker/u12:3", pid 59, jiffies 4294893509 (age 149.220s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 02 88 00 00 00 00 00 00 10 00 00 00 00 00 ............ backtrace: [<00000000f949fe18>] slabpostallochook+0x98/0x37c [<00000000adbfb3e7>] _kmemcacheallocnode+0x138/0x2e0 [<00000000521c0345>] kmalloctrace+0x40/0x158 [<000000004e330a49>] rprocmementryinit+0x60/0xf8 [<000000002815755e>] imxrprocprepare+0xe0/0x180 [<0000000003f61b4e>] rprocboot+0x2ec/0x528 [<00000000e7e994ac>] rprocadd+0x124/0x17c [<0000000048594076>] imxrprocprobe+0x4ec/0x5d4 [<00000000efc298a1>] platformprobe+0x68/0xd8 [<00000000110be6fe>] reallyprobe+0x110/0x27c [<00000000e245c0ae>] _driverprobedevice+0x78/0x12c [<00000000f61f6f5e>] driverprobedevice+0x3c/0x118 [<00000000a7874938>] _deviceattachdriver+0xb8/0xf8 [<0000000065319e69>] busforeachdrv+0x84/0xe4 [<00000000db3eb243>] _deviceattach+0xfc/0x18c [<0000000072e4e1a4>] deviceinitialprobe+0x14/0x20

References

Affected packages

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.147-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.1.112-1
6.1.115-1
6.1.119-1
6.1.123-1
6.1.124-1
6.1.128-1
6.1.129-1
6.1.133-1
6.1.135-1
6.1.137-1
6.1.139-1
6.1.140-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.35-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.35-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}