FKIE_CVE-2025-39951

Vulnerability from fkie_nvd - Published: 2025-10-04 08:15 - Updated: 2025-10-06 14:56
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: um: virtio_uml: Fix use-after-free after put_device in probe When register_virtio_device() fails in virtio_uml_probe(), the code sets vu_dev->registered = 1 even though the device was not successfully registered. This can lead to use-after-free or other issues.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/00e98b5a69034b251bb36dc6e7123d7648e218e4
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/14c231959a16ca41bfdcaede72483362a8c645d7
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4f364023ddcfe83f7073b973a9cb98584b7f2a46
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5e94e44c9cb30d7a383d8ac227f24a8c9326b770
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7ebf70cf181651fe3f2e44e95e7e5073d594c9c0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/aaf900a83508c8cd5cdf765e7749f9076196ec7f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c2ff91255e0157b356cff115d8dc3eeb5162edf2
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\num: virtio_uml: Fix use-after-free after put_device in probe\n\nWhen register_virtio_device() fails in virtio_uml_probe(),\nthe code sets vu_dev-\u003eregistered = 1 even though\nthe device was not successfully registered.\nThis can lead to use-after-free or other issues."
    }
  ],
  "id": "CVE-2025-39951",
  "lastModified": "2025-10-06T14:56:47.823",
  "metrics": {},
  "published": "2025-10-04T08:15:48.380",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/00e98b5a69034b251bb36dc6e7123d7648e218e4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/14c231959a16ca41bfdcaede72483362a8c645d7"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4f364023ddcfe83f7073b973a9cb98584b7f2a46"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5e94e44c9cb30d7a383d8ac227f24a8c9326b770"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7ebf70cf181651fe3f2e44e95e7e5073d594c9c0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/aaf900a83508c8cd5cdf765e7749f9076196ec7f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c2ff91255e0157b356cff115d8dc3eeb5162edf2"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.