7.8
CVE-2025-39951
- EPSS 0.14%
- Veröffentlicht 04.10.2025 07:31:11
- Zuletzt bearbeitet 23.01.2026 20:03:14
- CVE-Watchlists
- Unerledigt
um: virtio_uml: Fix use-after-free after put_device in probe
In the Linux kernel, the following vulnerability has been resolved: um: virtio_uml: Fix use-after-free after put_device in probe When register_virtio_device() fails in virtio_uml_probe(), the code sets vu_dev->registered = 1 even though the device was not successfully registered. This can lead to use-after-free or other issues.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.245
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.194
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.154
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.108
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.49
Linux ≫ Linux Kernel Version >= 6.13 < 6.16.9
Linux ≫ Linux Kernel Version6.17 Updaterc1
Linux ≫ Linux Kernel Version6.17 Updaterc2
Linux ≫ Linux Kernel Version6.17 Updaterc3
Linux ≫ Linux Kernel Version6.17 Updaterc4
Linux ≫ Linux Kernel Version6.17 Updaterc5
Linux ≫ Linux Kernel Version6.17 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.038 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/14c231959a16ca41bfdcaede72483362a8c645d7
https://git.kernel.org/stable/c/5e94e44c9cb30d7a383d8ac227f24a8c9326b770
https://git.kernel.org/stable/c/aaf900a83508c8cd5cdf765e7749f9076196ec7f
https://git.kernel.org/stable/c/4f364023ddcfe83f7073b973a9cb98584b7f2a46
https://git.kernel.org/stable/c/00e98b5a69034b251bb36dc6e7123d7648e218e4
https://git.kernel.org/stable/c/c2ff91255e0157b356cff115d8dc3eeb5162edf2
https://git.kernel.org/stable/c/7ebf70cf181651fe3f2e44e95e7e5073d594c9c0