AI description
Automated description summarized from trusted sources.
CVE-2025-21715 is a use-after-free (UAF) vulnerability found in the Linux kernel's Davicom ethernet driver (dm9000). The vulnerability exists because the `dm` netdev private data is accessed after it has been freed by the `free_netdev()` call. This vulnerability was detected through static analysis and has been addressed by rearranging the driver code to ensure that `free_netdev()` is called last. The fix is similar to a previous patch for a comparable issue found in the Qualcomm emac driver.
- Description
 - In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove. dm is netdev private data and it cannot be used after the free_netdev() call. Using dm after free_netdev() can cause a UAF bug. Fix it by moving free_netdev() to the end of the function. This is similar to the issue fixed in commit ad297cd2db89 ("net: qcom/emac: fix UAF in emac_remove"). This bug is detected by our static analysis tool.
 - Source
 - 416baaa9-dc9f-4396-8d5f-8c081fb06d67
 - NVD status
 - Modified
 - Products
 - linux_kernel
 
CVSS 3.1
- Type
 - Secondary
 - Base score
 - 7.8
 - Impact score
 - 5.9
 - Exploitability score
 - 1.8
 - Vector string
 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
 - Severity
 - HIGH
 
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
 - CWE-416
 
 
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C020C31F-47CF-42F2-A390-66AC716AD29F",
            "versionEndExcluding": "4.5",
            "versionStartIncluding": "4.4.262"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86BFA76D-C97D-4F78-A857-7DC7B5711DC0",
            "versionEndExcluding": "4.10",
            "versionStartIncluding": "4.9.262"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9608EF4-37A2-4904-B924-93CA34F65EBE",
            "versionEndExcluding": "4.15",
            "versionStartIncluding": "4.14.226"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CD1844D-5434-4975-BB93-6CD6962BDD86",
            "versionEndExcluding": "4.20",
            "versionStartIncluding": "4.19.181"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A68494EB-28C2-4CA7-84BF-CA5A0F101C2C",
            "versionEndExcluding": "5.4.291",
            "versionStartIncluding": "5.4.106"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0876206-0FB7-4903-A5F8-D8D144259E0C",
            "versionEndExcluding": "5.10.235",
            "versionStartIncluding": "5.10.24"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E62061D9-0931-468F-87F0-9FB3065DF87B",
            "versionEndExcluding": "5.15.179",
            "versionStartIncluding": "5.11.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DA5009C-C9B9-4A1D-9B96-78427E8F232C",
            "versionEndExcluding": "6.1.129",
            "versionStartIncluding": "5.16"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993",
            "versionEndExcluding": "6.6.76",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373",
            "versionEndExcluding": "6.12.13",
            "versionStartIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3",
            "versionEndExcluding": "6.13.2",
            "versionStartIncluding": "6.13"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]