-
CVE-2025-39978
- EPSS 0.06%
- Veröffentlicht 15.10.2025 07:55:58
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
octeontx2-pf: Fix potential use after free in otx2_tc_add_flow()
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node" and then dereferences it on the next line. Two lines later, we take a mutex so I don't think this is an RCU safe region. Re-order it to do the dereferences before queuing up the free.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
68fbff68dbea35f9e6f7649dd22fce492a5aedac
Version <
5723120423a753a220b8b2954b273838b9d7e74a
Status
affected
Version
68fbff68dbea35f9e6f7649dd22fce492a5aedac
Version <
df2c071061ed52d2225d97b212d27ecedf456b8a
Status
affected
Version
68fbff68dbea35f9e6f7649dd22fce492a5aedac
Version <
c41b2941a024d4ec7c768e16ffb10a74b188fced
Status
affected
Version
68fbff68dbea35f9e6f7649dd22fce492a5aedac
Version <
a8a63f27c3a8a3714210d32b12fd0f16d0337414
Status
affected
Version
68fbff68dbea35f9e6f7649dd22fce492a5aedac
Version <
d9c70e93ec5988ab07ad2a92d9f9d12867f02c56
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.14
Status
affected
Version
0
Version <
5.14
Status
unaffected
Version <=
6.1.*
Version
6.1.155
Status
unaffected
Version <=
6.6.*
Version
6.6.109
Status
unaffected
Version <=
6.12.*
Version
6.12.50
Status
unaffected
Version <=
6.16.*
Version
6.16.10
Status
unaffected
Version <=
*
Version
6.17
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.183 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|