CVE-2025-38464

EUVD-2025-22677

25.07.2025, 16:15

In the Linux kernel, the following vulnerability has been resolved:

tipc: Fix use-after-free in tipc_conn_close().

syzbot reported a null-ptr-deref in tipc_conn_close() during netns
dismantle. [0]

tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls
tipc_conn_close() for each tipc_conn.

The problem is that tipc_conn_close() is called after releasing the
IDR lock.

At the same time, there might be tipc_conn_recv_work() running and it
could call tipc_conn_close() for the same tipc_conn and release its
last ->kref.

Once we release the IDR lock in tipc_topsrv_stop(), there is no
guarantee that the tipc_conn is alive.

Let's hold the ref before releasing the lock and put the ref after
tipc_conn_close() in tipc_topsrv_stop().

[0]:
BUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165
Read of size 8 at addr ffff888099305a08 by task kworker/u4:3/435

CPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 print_address_description.cold+0x54/0x219 mm/kasan/report.c:256
 kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354
 kasan_report mm/kasan/report.c:412 [inline]
 __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433
 tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165
 tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]
 tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722
 ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153
 cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553
 process_one_work+0x864/0x1570 kernel/workqueue.c:2153
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415

Allocated by task 23:
 kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625
 kmalloc include/linux/slab.h:515 [inline]
 kzalloc include/linux/slab.h:709 [inline]
 tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192
 tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470
 process_one_work+0x864/0x1570 kernel/workqueue.c:2153
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415

Freed by task 23:
 __cache_free mm/slab.c:3503 [inline]
 kfree+0xcc/0x210 mm/slab.c:3822
 tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]
 kref_put include/linux/kref.h:70 [inline]
 conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155
 process_one_work+0x864/0x1570 kernel/workqueue.c:2153
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415

The buggy address belongs to the object at ffff888099305a00
 which belongs to the cache kmalloc-512 of size 512
The buggy address is located 8 bytes inside of
 512-byte region [ffff888099305a00, ffff888099305c00)
The buggy address belongs to the page:
page:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0
flags: 0xfff00000000100(slab)
raw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940
raw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                      ^
 ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	3.11 ≤ 𝑥 < 5.4.296
linux	linux_kernel	5.5 ≤ 𝑥 < 5.10.240
linux	linux_kernel	5.11 ≤ 𝑥 < 5.15.189
linux	linux_kernel	5.16 ≤ 𝑥 < 6.1.146
linux	linux_kernel	6.2 ≤ 𝑥 < 6.6.99
linux	linux_kernel	6.7 ≤ 𝑥 < 6.12.39
linux	linux_kernel	6.13 ≤ 𝑥 < 6.15.7
linux	linux_kernel	6.16:rc1
linux	linux_kernel	6.16:rc2
linux	linux_kernel	6.16:rc3
linux	linux_kernel	6.16:rc4
linux	linux_kernel	6.16:rc5
debian	debian_linux	11.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.159-1 fixed
bookworm (security)	6.1.162-1 fixed
bullseye	vulnerable
bullseye (security)	5.10.249-1 fixed
forky	6.18.9-1 fixed
sid	6.18.12-1 fixed
trixie	6.12.63-1 fixed
trixie (security)	6.12.73-1 fixed

linux-6.1

bullseye (security)

6.1.162-1~deb11u1

fixed

Ubuntu Releases

Ubuntu Product

Codename

linux-hwe

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	needed

linux-hwe-5.4

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.15

bionic	dne
focal	Fixed 5.15.0-156.166~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-100.100~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.14

bionic	dne
focal	dne
jammy	dne
noble	not-affected
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-hwe-edge

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-lts-xenial

bionic	dne
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	ignored
xenial	dne

linux-kvm

bionic	needed
focal	needed
jammy	Fixed 5.15.0-1088.93 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	needed

linux-allwinner-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.0

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.4

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.15

bionic	dne
focal	Fixed 5.15.0-1092.99~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1046.49~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1017.17~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-hwe

bionic	dne
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	needed

linux-azure

bionic	ignored
focal	needed
jammy	Fixed 5.15.0-1096.105 released
noble	pending
plucky	Fixed 6.14.0-1017.17 released
questing	not-affected
trusty	ignored
xenial	needed

linux-azure-4.15

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.4

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.15

bionic	dne
focal	Fixed 5.15.0-1096.105~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.8

bionic	dne
focal	dne
jammy	pending
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde

bionic	dne
focal	ignored
jammy	needed
noble	needed
plucky	ignored
questing	needs-triage
trusty	dne
xenial	dne

linux-azure-fde-5.15

bionic	dne
focal	not-affected
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-nvidia

bionic	dne
focal	dne
jammy	dne
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-bluefield

bionic	dne
focal	needed
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-edge

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-fips

bionic	needed
focal	needed
jammy	Fixed 5.15.0-156.166+fips1 released
noble	Fixed 6.8.0-100.100+fips1 released
plucky	dne
questing	dne
trusty	dne
xenial	needed

linux-aws-fips

bionic	needed
focal	needed
jammy	Fixed 5.15.0-1092.99+fips1 released
noble	Fixed 6.8.0-1046.49+fips1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fips

bionic	needed
focal	needed
jammy	Fixed 5.15.0-1096.105+fips1 released
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-fips

bionic	needed
focal	needed
jammy	Fixed 5.15.0-1092.101+fips1 released
noble	Fixed 6.8.0-1047.50+fips1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp

bionic	ignored
focal	needed
jammy	Fixed 5.15.0-1092.101 released
noble	Fixed 6.8.0-1047.50 released
plucky	Fixed 6.14.0-1020.21 released
questing	not-affected
trusty	dne
xenial	needed

linux-gcp-4.15

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.4

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.15

bionic	dne
focal	Fixed 5.15.0-1092.101~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1047.50~22.04.2 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1020.21~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gke

bionic	dne
focal	ignored
jammy	Fixed 5.15.0-1089.95 released
noble	Fixed 6.8.0-1043.48 released
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-gke-4.15

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gke-5.4

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gke-5.15

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gkeop

bionic	dne
focal	ignored
jammy	Fixed 5.15.0-1075.83 released
noble	Fixed 6.8.0-1030.33 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gkeop-5.4

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-gkeop-5.15

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm

bionic	dne
focal	needed
jammy	Fixed 5.15.0-1086.89 released
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm-5.4

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm-5.15

bionic	dne
focal	Fixed 5.15.0-1086.89~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-ibm-6.8

bionic	dne
focal	dne
jammy	pending
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-iotg

bionic	dne
focal	dne
jammy	Fixed 5.15.0-1087.93 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-iotg-5.15

bionic	dne
focal	Fixed 5.15.0-1087.93~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-iot

bionic	dne
focal	needed
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-intel-iot-realtime

bionic	dne
focal	dne
jammy	Fixed 5.15.0-1085.87 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency

bionic	dne
focal	dne
jammy	Fixed 5.15.0-156.166 released
noble	Fixed 6.8.0-100.100.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-5.15

bionic	dne
focal	Fixed 5.15.0-156.166~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-100.100.1~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-lowlatency-hwe-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia

bionic	dne
focal	dne
jammy	Fixed 5.15.0-1087.88 released
noble	Fixed 6.8.0-1046.49 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1046.49~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-lowlatency

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.8.0-1046.49.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-tegra

bionic	dne
focal	dne
jammy	Fixed 5.15.0-1045.45 released
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-tegra-5.15

bionic	dne
focal	Fixed 5.15.0-1045.45~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-tegra-igx

bionic	dne
focal	dne
jammy	Fixed 5.15.0-1034.34 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.0

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.3

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.4

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-5.15

bionic	dne
focal	Fixed 5.15.0-1090.96~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-1043.44~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1017.17~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem

bionic	ignored
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-oem-5.6

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.10

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.13

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.14

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-5.17

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.0

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.1

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.8

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-oem-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1016.16 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-raspi2

bionic	ignored
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	ignored

linux-raspi-5.4

bionic	needed
focal	dne
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-raspi-realtime

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.8.0-2037.38 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv

bionic	dne
focal	ignored
jammy	ignored
noble	ignored
plucky	Fixed 6.14.0-36.36.1 released
questing	not-affected
trusty	dne
xenial	dne

linux-riscv-5.8

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-5.11

bionic	dne
focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-5.15

bionic	dne
focal	Fixed 5.15.0-1087.91~20.04.1 released
jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.0-100.100~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-36.36.1~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-starfive-5.19

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-starfive-6.2

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-starfive-6.5

bionic	dne
focal	dne
jammy	ignored
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-xilinx-zynqmp

bionic	dne
focal	needed
jammy	Fixed 5.15.0-1056.60 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux

bionic	needed
focal	needed
jammy	Fixed 5.15.0-156.166 released
noble	Fixed 6.8.0-100.100 released
plucky	Fixed 6.14.0-36.36 released
questing	not-affected
trusty	ignored
xenial	needed

linux-aws

bionic	needed
focal	needed
jammy	Fixed 5.15.0-1092.99 released
noble	Fixed 6.8.0-1046.49 released
plucky	Fixed 6.14.0-1017.17 released
questing	not-affected
trusty	ignored
xenial	needed

linux-oracle

bionic	needed
focal	needed
jammy	Fixed 5.15.0-1090.96 released
noble	Fixed 6.8.0-1043.44 released
plucky	Fixed 6.14.0-1017.17 released
questing	not-affected
trusty	dne
xenial	needed

linux-realtime

bionic	dne
focal	dne
jammy	Fixed 5.15.0-1092.101 released
noble	Fixed 6.8.1-1041.42 released
plucky	Fixed 6.14.0-1016.16 released
questing	not-affected
trusty	dne
xenial	dne

linux-raspi

bionic	dne
focal	needed
jammy	Fixed 5.15.0-1086.89 released
noble	Fixed 6.8.0-1047.51 released
plucky	Fixed 6.14.0-1018.18 released
questing	not-affected
trusty	dne
xenial	dne

linux-intel

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-nvidia-6.11

bionic	dne
focal	dne
jammy	dne
noble	ignored
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-realtime-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1016.16~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-realtime-6.8

bionic	dne
focal	dne
jammy	Fixed 6.8.1-1041.42~22.04.1 released
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-6.14

bionic	dne
focal	dne
jammy	dne
noble	Fixed 6.14.0-1017.17~24.04.1 released
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-6.14

bionic	dne
focal	dne
jammy	dne
noble	needed
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-nvidia-6.14

bionic	dne
focal	dne
jammy	dne
noble	pending
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-xilinx

bionic	dne
focal	dne
jammy	dne
noble	pending
plucky	ignored
questing	dne
trusty	dne
xenial	dne

linux-oem-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-azure-fde-6.8

bionic	dne
focal	dne
jammy	needed
noble	dne
plucky	dne
questing	dne
trusty	dne
xenial	dne

linux-aws-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-gcp-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-hwe-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-oracle-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

linux-riscv-6.17

bionic	dne
focal	dne
jammy	dne
noble	not-affected
questing	dne
trusty	dne
xenial	dne

Common Weakness Enumeration

CWE-416 - Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

References

https://git.kernel.org/stable/c/03dcdd2558e1e55bf843822fe4363dcb48743f2b

https://git.kernel.org/stable/c/15a6f4971e2f157d57e09ea748d1fbc714277aa4

https://git.kernel.org/stable/c/1dbf7cd2454a28b1da700085b99346b5445aeabb

https://git.kernel.org/stable/c/3b89e17b2fd64012682bed158d9eb3d2e96dec42

https://git.kernel.org/stable/c/50aa2d121bc2cfe2d825f8a331ea75dfaaab6a50

https://git.kernel.org/stable/c/667eeab4999e981c96b447a4df5f20bdf5c26f13

https://git.kernel.org/stable/c/be4b8392da7978294f2f368799d29dd509fb6c4d

https://git.kernel.org/stable/c/dab8ded2e5ff41012a6ff400b44dbe76ccf3592a

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html