{"id":"CVE-2025-38421","summary":"platform/x86/amd: pmf: Use device managed allocations","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd: pmf: Use device managed allocations\n\nIf setting up smart PC fails for any reason then this can lead to\na double free when unloading amd-pmf.  This is because dev-\u003ebuf was\nfreed but never set to NULL and is again freed in amd_pmf_remove().\n\nTo avoid subtle allocation bugs in failures leading to a double free\nchange all allocations into device managed allocations.","modified":"2026-03-20T12:42:51.045129Z","published":"2025-07-25T14:16:42.409Z","related":["CGA-wjg6-7xj7-22fp","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38421.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0d10b532f861253c283863522d59d099fcb0796d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d9db3a941270d92bbd1a6a6b54a10324484f2f2d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38421.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38421"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5b1122fc4995f308b21d7cfc64ef9880ac834d20"},{"fixed":"0d10b532f861253c283863522d59d099fcb0796d"},{"fixed":"d9db3a941270d92bbd1a6a6b54a10324484f2f2d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"e70b4b8f93d7fcf8ee063a1d1f18782c4da3d335"},{"last_affected":"3ed60e51ffdbfef14169bd967e21a6ba5e5ff42b"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38421.json"}}],"schema_version":"1.7.5"}