CVE-2025-39872

In the Linux kernel, the following vulnerability has been resolved:

hsr: hold rcu and dev lock for hsr_get_port_ndev

hsr_get_port_ndev calls hsr_for_each_port, which need to hold rcu lock.
On the other hand, before return the port device, we need to hold the
device reference to avoid UaF in the caller function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
trixie
6.12.43-1
not-affected
bookworm
6.1.148-1
not-affected
bullseye (security)
5.10.237-1
fixed
bookworm (security)
6.1.153-1
fixed
trixie (security)
6.12.48-1
fixed
forky
vulnerable
sid
6.16.8-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/68a6729afd3e8e9a2a32538642ce92b96ccf9b1d
https://git.kernel.org/stable/c/847748fc66d08a89135a74e29362a66ba4e3ab15