CVE-2025-39872
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
hsr: hold rcu and dev lock for hsr_get_port_ndev
hsr_get_port_ndev calls hsr_for_each_port, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller function.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ef964411c8ca775967355d855abc56aeaca3c867 < 9433ba79c2ec3ec7c9a711748701549339c3438c | affected |
| Linux | Linux | 9c10dd8eed74de9e8adeb820939f8745cd566d4a < 68a6729afd3e8e9a2a32538642ce92b96ccf9b1d | affected |
| Linux | Linux | 9c10dd8eed74de9e8adeb820939f8745cd566d4a < 847748fc66d08a89135a74e29362a66ba4e3ab15 | affected |
| Linux | Linux | 6.12.63 < 6.12.64 | affected |
| Linux | Linux | 6.14 | affected |
| Linux | Linux | 0 < 6.14 | unaffected |
| Linux | Linux | 6.12.64 <= 6.12.* | unaffected |
| Linux | Linux | 6.16.8 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/9433ba79c2ec3ec7c9a711748701549339c3438c
- https://git.kernel.org/stable/c/68a6729afd3e8e9a2a32538642ce92b96ccf9b1d
- https://git.kernel.org/stable/c/847748fc66d08a89135a74e29362a66ba4e3ab15
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.