CVE-2025-38479 is a vulnerability identified in the Linux kernel specifically related to the dmaengine subsystem's fsl-edma driver, which is used for managing DMA (Direct Memory Access) operations on certain Freescale/NXP i.MX platforms. The issue arises from improper handling of IRQ (Interrupt Request) freeing during the device removal process. The vulnerability is due to the absence of a check for the presence of error IRQs (errirq) on the i.MX9 platform, which leads to the Linux kernel attempting to free an IRQ that does not exist. This results in a kernel warning and ultimately a kernel dump (crash), as indicated by the warning message and call trace logs. The problem manifests during the removal path of the fsl-edma driver when devm_free_irq is called without verifying if the errirq is valid, causing instability and potential denial of service (DoS) conditions on affected systems. The vulnerability affects Linux kernel versions around 6.12.0-rc7 and is specifically tied to hardware platforms using the NXP i.MX93 SoC. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The fix involves adding a conditional check to ensure that the errirq is only freed if it exists, preventing the kernel from attempting to free a non-existent IRQ and thus avoiding the kernel dump.

For European organizations, the primary impact of this vulnerability is the potential for system instability or denial of service on devices running affected Linux kernels with the fsl-edma driver, particularly those using NXP i.MX9 series hardware. This could affect embedded systems, industrial control systems, IoT devices, and specialized hardware platforms that rely on these SoCs. The kernel crash could disrupt critical operations, especially in sectors such as manufacturing, automotive, telecommunications, and infrastructure where embedded Linux devices are prevalent. While this vulnerability does not directly lead to privilege escalation or data leakage, the resulting denial of service could cause operational downtime, impacting business continuity and safety-critical processes. Since the vulnerability is hardware and driver specific, its impact is limited to environments using the affected platforms. European organizations deploying embedded Linux systems in industrial or edge computing contexts should be particularly vigilant. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental or targeted triggering of the kernel crash.

To mitigate CVE-2025-38479, organizations should: 1) Apply the official Linux kernel patches that add the necessary checks for errirq presence before freeing IRQs in the fsl-edma driver. This requires updating to a fixed kernel version or backporting the patch if using long-term support kernels. 2) Identify and inventory all devices running affected Linux kernel versions on NXP i.MX9 platforms, focusing on embedded and industrial systems. 3) Test kernel updates in controlled environments to ensure compatibility and stability before deployment. 4) Implement monitoring for kernel warnings and crashes related to devm_free_irq and fsl-edma to detect potential exploitation or accidental triggering. 5) Where immediate patching is not feasible, consider isolating affected devices from critical networks to reduce the risk of remote triggering. 6) Engage with hardware and software vendors for firmware or driver updates that incorporate the fix. 7) Maintain robust backup and recovery procedures to minimize downtime impact in case of kernel crashes. These steps go beyond generic advice by focusing on embedded Linux environments and the specific hardware affected.