CVE-2025-40194
Published: Nov 12, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() The cpufreq_cpu_put() call in update_qos_request() takes place too early because the latter subsequently calls freq_qos_update_request() that indirectly accesses the policy object in question through the QoS request object passed to it. Fortunately, update_qos_request() is called under intel_pstate_driver_lock, so this issue does not matter for changing the intel_pstate operation mode, but it theoretically can cause a crash to occur on CPU device hot removal (which currently can only happen in virt, but it is formally supported nevertheless). Address this issue by modifying update_qos_request() to drop the reference to the policy later.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected da5c504c7aae96db68c4b38e2564a88e91842d89 - < 15ac9579ebdaf22a37d7f60b3a8efc1029732ef9affected da5c504c7aae96db68c4b38e2564a88e91842d89 - < bc26564bcc659beb6d977cd6eb394041ec2f2851affected da5c504c7aae96db68c4b38e2564a88e91842d89 - < ad4e8f9bdbef11a19b7cb93e7f313bf59bdcc3b4affected da5c504c7aae96db68c4b38e2564a88e91842d89 - < 0a58d3e77b22b087a57831c87cafd360e144a5bdaffected da5c504c7aae96db68c4b38e2564a88e91842d89 - < 69a18ff6c60e8e113420f15355fad862cb45d38e+3 more versions |
Linux | Linux | affected 5.4unaffected 0 - < 5.4unaffected 5.4.301 - <= 5.4.*unaffected 5.10.246 - <= 5.10.*unaffected 5.15.195 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now