Linux Kernel Double Free Vulnerability in ASoC Codecs WCD9375

Vulnerability

A double free vulnerability has been identified in the Linux kernel's ASoC codec driver for the WCD9375. The issue arises because the driver improperly manages its regulator supplies. During the probe phase, the driver acquires these supplies using 'devm_regulator_bulk_get()', a device-managed call whose resources the kernel releases automatically when probe fails or the device is unbound. The driver nevertheless calls 'regulator_bulk_free()' on the same supplies in its error and removal paths, so they are released twice, which is the double free condition.
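The pattern described above can be searched for in other driver sources. The following is an added example, not code from this page or from the kernel project: a heuristic check that flags 'regulator_bulk_free()' calls on an array acquired with 'devm_regulator_bulk_get()' in the same file. The sample driver and its names (demo_probe, demo_priv, demo_bind, DEMO_NUM_SUPPLIES) are constructed for illustration.

```python
import re

# The last argument of both calls is the regulator_bulk_data array.
_LAST_ARG = r"\s*\([^;]*?,\s*([^,()]+?)\s*\)"
DEVM_GET = re.compile(r"\bdevm_regulator_bulk_get" + _LAST_ARG)
BULK_FREE = re.compile(r"(?<![A-Za-z0-9_])regulator_bulk_free" + _LAST_ARG)


def _member(expr):
    """Reduce 'p->supplies' or '&x.supplies' to the member name 'supplies'."""
    return re.split(r"->|\.", expr.strip().lstrip("&"))[-1].strip()


def find_managed_frees(source):
    """Return (line, array) for every regulator_bulk_free() call whose array
    was acquired with devm_regulator_bulk_get() in the same source text."""
    managed = {_member(m.group(1)) for m in DEVM_GET.finditer(source)}
    hits = []
    for m in BULK_FREE.finditer(source):
        if _member(m.group(1)) in managed:
            line = source.count("\n", 0, m.start()) + 1
            hits.append((line, m.group(1).strip()))
    return hits


# Constructed sample driver (hypothetical names), not the WCD9375 source.
SAMPLE = """\
static int demo_probe(struct device *dev)
{
    struct demo_priv *p = dev_get_drvdata(dev);
    int ret;

    ret = devm_regulator_bulk_get(dev, DEMO_NUM_SUPPLIES, p->supplies);
    if (ret)
        return ret;
    ret = demo_bind(dev);
    if (ret)
        goto err_free;
    return 0;
err_free:
    regulator_bulk_free(DEMO_NUM_SUPPLIES, p->supplies);
    return ret;
}
"""

if __name__ == "__main__":
    for line, array in find_managed_frees(SAMPLE):
        print(f"line {line}: regulator_bulk_free() on devm-managed {array}")
```

Matching is by member name within a single file, so each hit is a candidate for manual review rather than a confirmed defect.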

Impact

Exploitation of this vulnerability could lead to memory corruption, as is common with double free bugs, which can be exploited to execute arbitrary code or cause a denial-of-service condition.

Added: Jul 25, 2025, 4:33 PM
Updated: Jul 25, 2025, 4:33 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.5
remediation: 0.0
relevance: 0.3
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.