CVE-2025-37941

ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe()

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe() When snd_soc_dapm_new_controls() or snd_soc_dapm_add_routes() fails, wcd937x_soc_codec_probe() returns without releasing 'wcd937x->clsh_info', which is allocated by wcd_clsh_ctrl_alloc. Add wcd_clsh_ctrl_free() to prevent potential memory leak.

N/A

CVSS

Severity:

EPSS 0.02%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/acadb2e2b3c5b9977a843a3a94fece9bdcf6aea1
https://git.kernel.org/stable/c/b573e04116fd33b9143fa276bbab2f0afad0a1ae
https://git.kernel.org/stable/c/aafb5325aca3e806b3ea3707402189263473d257
https://git.kernel.org/stable/c/3e330acf4efd63876d673c046cd073a1d4ed57a8

Frequently Asked Questions

What is the severity of CVE-2025-37941?: CVE-2025-37941 has not yet been assigned a CVSS score.
How to fix CVE-2025-37941?: To fix CVE-2025-37941, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-37941 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-37941 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-37941?: CVE-2025-37941 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.