5.5
CVE-2025-37933
- EPSS 0.16%
- Veröffentlicht 20.05.2025 15:21:58
- Zuletzt bearbeitet 17.11.2025 15:11:44
- CVE-Watchlists
- Unerledigt
octeon_ep: Fix host hang issue during device reboot
In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix host hang issue during device reboot When the host loses heartbeat messages from the device, the driver calls the device-specific ndo_stop function, which frees the resources. If the driver is unloaded in this scenario, it calls ndo_stop again, attempting to free resources that have already been freed, leading to a host hang issue. To resolve this, dev_close should be called instead of the device-specific stop function.dev_close internally calls ndo_stop to stop the network interface and performs additional cleanup tasks. During the driver unload process, if the device is already down, ndo_stop is not called.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.4 < 6.6.90
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.28
Linux ≫ Linux Kernel Version >= 6.13 < 6.14.6
Linux ≫ Linux Kernel Version6.15 Updaterc1
Linux ≫ Linux Kernel Version6.15 Updaterc2
Linux ≫ Linux Kernel Version6.15 Updaterc3
Linux ≫ Linux Kernel Version6.15 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.057 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-415 Double Free
The product calls free() twice on the same memory address.
https://git.kernel.org/stable/c/7e1ca1bed3f66e00377f7d2147be390144924276
https://git.kernel.org/stable/c/c8d788f800f83b94d9db8b3dacc1d26be38a6ef4
https://git.kernel.org/stable/c/6d1052423518e7d0aece9af5e77bbc324face8f1
https://git.kernel.org/stable/c/34f42736b325287a7b2ce37e415838f539767bda