Linux Kernel fsl-mc Bus Double-Free Vulnerability in mc_dev Variable

Vulnerability

A double-free vulnerability has been identified in the Linux kernel's fsl-mc bus implementation. The issue arises in versions of the kernel where the mc_dev variable, which references a field of an allocated mc_bus, is improperly deallocated. This flaw occurs when the MC device is a DPRC, leading to a scenario where the mc_bus is freed, but the mc_dev reference causes a second, erroneous deallocation.
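The ownership mistake described above can be modelled in user space. This is an added example, not kernel code and not the upstream patch: the struct layout, the tracking allocator and the function names are hypothetical, and the single-owner cleanup is an assumed shape for a fix. The tracker counts a second free instead of performing it, so the model runs safely.

```c
#include <stdio.h>
#include <stdlib.h>

/* User-space model. All names are hypothetical stand-ins, not kernel code. */
struct dev { int is_dprc; };
struct bus { struct dev mc_dev; int state; };  /* device embedded in the bus */

/* Tracking allocator: a repeated free is counted instead of executed. */
static void *base;
static int freed, bad_frees;
static void *t_alloc(size_t n) { freed = bad_frees = 0; return base = calloc(1, n); }
static void t_free(void *p) {
    if (p == NULL) return;                  /* like kfree(NULL): no-op */
    if (p == base && !freed) freed = 1;     /* first valid free of the block */
    else bad_frees++;                       /* double free or foreign pointer */
}
/* Really release the block once and report how many bad frees were seen. */
static int t_finish(void) { free(base); base = NULL; return bad_frees; }

/* Set up either a DPRC (bus owns the device) or a plain device. */
static struct dev *setup(int is_dprc, struct bus **mc_bus) {
    *mc_bus = NULL;
    if (!is_dprc) return t_alloc(sizeof(struct dev));
    *mc_bus = t_alloc(sizeof(struct bus));
    return *mc_bus ? &(*mc_bus)->mc_dev : NULL;
}

/* Pattern from the advisory: bus freed, then the embedded device again. */
int cleanup_buggy(int is_dprc) {
    struct bus *mc_bus;
    struct dev *mc_dev = setup(is_dprc, &mc_bus);
    t_free(mc_bus);
    t_free(mc_dev);
    return t_finish();
}

/* Single-owner cleanup (assumed fix shape): free only the real allocation. */
int cleanup_fixed(int is_dprc) {
    struct bus *mc_bus;
    struct dev *mc_dev = setup(is_dprc, &mc_bus);
    if (mc_bus) t_free(mc_bus);
    else t_free(mc_dev);
    return t_finish();
}

int main(void) {
    int b = cleanup_buggy(1), f = cleanup_fixed(1);
    printf("DPRC case: buggy=%d bad free(s), fixed=%d\n", b, f);
    return 0;
}
```

The non-DPRC case is clean in both versions because mc_dev is then its own allocation; only the DPRC case, where mc_dev lives inside mc_bus, triggers the second free.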

Impact

Exploitation of this vulnerability leads to a double-free condition, which commonly results in memory corruption and can potentially allow arbitrary code execution.

Added: Jul 10, 2025, 8:28 AM
Updated: Jul 10, 2025, 8:28 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.