CVE-2025-39896
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
accel/ivpu: Prevent recovery work from being queued during device removal
Use disable_work_sync() instead of cancel_work_sync() in ivpu_dev_fini() to ensure that no new recovery work items can be queued after device removal has started. Previously, recovery work could be scheduled even after canceling existing work, potentially leading to use-after-free bugs if recovery accessed freed resources.
Rename ivpu_pm_cancel_recovery() to ivpu_pm_disable_recovery() to better reflect its new behavior.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 58cde80f45a2b1683ea3c24a9a9a4b0e1005336b < 54c49eca38dbd06913a696f6d7610937dcfad226 | affected |
| Linux | Linux | 58cde80f45a2b1683ea3c24a9a9a4b0e1005336b < 565d2c15b6c36c3250e694f7b9a86229c1787be5 | affected |
| Linux | Linux | 58cde80f45a2b1683ea3c24a9a9a4b0e1005336b < 69a79ada8eb034ce016b5b78fb7d08d8687223de | affected |
| Linux | Linux | 6.8 | affected |
| Linux | Linux | 0 < 6.8 | unaffected |
| Linux | Linux | 6.12.46 <= 6.12.* | unaffected |
| Linux | Linux | 6.16.6 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/54c49eca38dbd06913a696f6d7610937dcfad226
- https://git.kernel.org/stable/c/565d2c15b6c36c3250e694f7b9a86229c1787be5
- https://git.kernel.org/stable/c/69a79ada8eb034ce016b5b78fb7d08d8687223de
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.