CVE-2025-39882

Sept. 24, 2025, 6:11 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: fix potential OF node use-after-free The for_each_child_of_node() helper drops the reference it takes to each node as it iterates over children and an explicit of_node_put() is only needed when exiting the loop early. Drop the recently introduced bogus additional reference count decrement at each iteration that could potentially lead to a use-after-free.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/4de37a48b6b58faaded9eb765047cf0d8785ea18
https://git.kernel.org/stable/c/b2fbe0f9f80b9cfa1e06ddcf8b863d918394ef1d
https://git.kernel.org/stable/c/b58a26cdd4795c1ce6a80e38e9348885555dacd6
https://git.kernel.org/stable/c/c4901802ed1ce859242e10af06e6a7752cba0497

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-09-23
CVE-2025-39882

Timeline

Published: Sept. 23, 2025, 6:15 a.m.
Last Modified: Sept. 24, 2025, 6:11 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.