CVE-2025-39930: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai()

Description

In the Linux kernel, the following vulnerability has been resolved:

ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai()

commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for
device node") uses __free(device_node) for dlc->of_node, but we need to
keep it while driver is in use.

Don't use __free(device_node) in graph_util_parse_dai().

Classification

CVE ID: CVE-2025-39930

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 3.27% (scored less or equal to compared to others)

EPSS Date: 2025-04-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-39930
https://git.kernel.org/stable/c/232a32e8a7e9be8a2ee238df9b5304eed2f4e195
https://git.kernel.org/stable/c/de74ec718e0788e1998eb7289ad07970e27cae27

Timeline

2025-04-18 08:40:20 UTC
CVE

ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai()