CVE-2025-39951
EUVD-2025-3239404.10.2025, 08:15
In the Linux kernel, the following vulnerability has been resolved: um: virtio_uml: Fix use-after-free after put_device in probe When register_virtio_device() fails in virtio_uml_probe(), the code sets vu_dev->registered = 1 even though the device was not successfully registered. This can lead to use-after-free or other issues.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.245 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.194 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.154 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.6.108 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.49 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.16.9 |
| linux | linux_kernel | 6.17:rc1 |
| linux | linux_kernel | 6.17:rc2 |
| linux | linux_kernel | 6.17:rc3 |
| linux | linux_kernel | 6.17:rc4 |
| linux | linux_kernel | 6.17:rc5 |
| linux | linux_kernel | 6.17:rc6 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References