CVE-2025-21715
Published: Feb 27, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it cannot be used after free_netdev() call. Using dm after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function. This is similar to the issue fixed in commit ad297cd2db89 ("net: qcom/emac: fix UAF in emac_remove"). This bug is detected by our static analysis tool.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected d28e783c20033b90a64d4e1307bafb56085d8184 - < db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9affected 4fd0654b8f2129b68203974ddee15f804ec011c2 - < a53cb72043443ac787ec0b5fa17bb3f8ff3d462baffected cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b - < 7d7d201eb3b766abe590ac0dda7a508b7db3e357affected cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b - < c94ab07edc2843e2f3d46dbd82e5c681503aaadfaffected cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b - < c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca+15 more versions |
Linux | Linux | affected 5.12unaffected 0 - < 5.12unaffected 5.4.291 - <= 5.4.*unaffected 5.10.235 - <= 5.10.*unaffected 5.15.179 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now