{"vulnerability": "CVE-2025-38069", "sightings": [{"uuid": "682b32c2-4f19-4b06-ad75-7d26e5def8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38069", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lruxgljwwi2m", "content": "", "creation_timestamp": "2025-06-18T11:58:33.380197Z"}, {"uuid": "87a07d10-911e-44f0-8196-d5e02cab5f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38069", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c063478d-5af5-4e38-ab47-42d129f70d88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38069", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18712", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38069\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops\n\nFix a kernel oops found while testing the stm32_pcie Endpoint driver\nwith handling of PERST# deassertion:\n\nDuring EP initialization, pci_epf_test_alloc_space() allocates all BARs,\nwhich are further freed if epc_set_bar() fails (for instance, due to no\nfree inbound window).\n\nHowever, when pci_epc_set_bar() fails, the error path:\n\n  pci_epc_set_bar() ->\n    pci_epf_free_space()\n\ndoes not clear the previous assignment to epf_test->reg[bar].\n\nThen, if the host reboots, the PERST# deassertion restarts the BAR\nallocation sequence with the same allocation failure (no free inbound\nwindow), creating a double free situation since epf_test->reg[bar] was\ndeallocated and is still non-NULL.\n\nThus, make sure that pci_epf_alloc_space() and pci_epf_free_space()\ninvocations are symmetric, and as such, set epf_test->reg[bar] to NULL\nwhen memory is freed.\n\n[kwilczynski: commit log]\n\ud83d\udccf Published: 2025-06-18T09:33:46.711Z\n\ud83d\udccf Modified: 2025-06-18T09:33:46.711Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/fe2329eff5bee461ebcafadb6ca1df0cbf5945fd\n2. https://git.kernel.org/stable/c/8b83893d1f6c6061a7d58169ecdf9d5ee9f306ee\n3. https://git.kernel.org/stable/c/934e9d137d937706004c325fa1474f9e3f1ba10a", "creation_timestamp": "2025-06-18T10:40:11.000000Z"}, {"uuid": "5cc2fc72-23ec-4298-b09b-1fc804438be3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38069", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}]}