7.8

CVE-2025-39951

um: virtio_uml: Fix use-after-free after put_device in probe

In the Linux kernel, the following vulnerability has been resolved:

um: virtio_uml: Fix use-after-free after put_device in probe

When register_virtio_device() fails in virtio_uml_probe(),
the code sets vu_dev->registered = 1 even though
the device was not successfully registered.
This can lead to use-after-free or other issues.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.5 < 5.10.245
LinuxLinux Kernel Version >= 5.11 < 5.15.194
LinuxLinux Kernel Version >= 5.16 < 6.1.154
LinuxLinux Kernel Version >= 6.2 < 6.6.108
LinuxLinux Kernel Version >= 6.7 < 6.12.49
LinuxLinux Kernel Version >= 6.13 < 6.16.9
LinuxLinux Kernel Version6.17 Updaterc1
LinuxLinux Kernel Version6.17 Updaterc2
LinuxLinux Kernel Version6.17 Updaterc3
LinuxLinux Kernel Version6.17 Updaterc4
LinuxLinux Kernel Version6.17 Updaterc5
LinuxLinux Kernel Version6.17 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.038
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/14c231959a16ca41bfdcaede72483362a8c645d7
Patch
https://git.kernel.org/stable/c/5e94e44c9cb30d7a383d8ac227f24a8c9326b770
Patch
https://git.kernel.org/stable/c/aaf900a83508c8cd5cdf765e7749f9076196ec7f
Patch
https://git.kernel.org/stable/c/4f364023ddcfe83f7073b973a9cb98584b7f2a46
Patch
https://git.kernel.org/stable/c/00e98b5a69034b251bb36dc6e7123d7648e218e4
Patch
https://git.kernel.org/stable/c/c2ff91255e0157b356cff115d8dc3eeb5162edf2
Patch
https://git.kernel.org/stable/c/7ebf70cf181651fe3f2e44e95e7e5073d594c9c0
Patch