Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unprepare() in error path and remove function causes double free. Remove the redundant clk_disable_unprepare() calls from the probe error path and aml_rtc_remove(), allowing the devm framework to automatically manage the clock lifecycle.
References
- https://git.kernel.org/stable/c/2e1c79299036614ac32b251d145fad5391f4bcab
- https://git.kernel.org/stable/c/384150d7a5b60c1086790a8ee07b0629f906cca2
- https://git.kernel.org/stable/c/9fed02c16488050cd4e33e045506336b216d7301
FAQ
What is CVE-2025-68754?
CVE-2025-68754 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres a...
How severe is CVE-2025-68754?
CVSS scoring is not yet available for CVE-2025-68754. Check NVD for updates.
Is there a patch for CVE-2025-68754?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.