CVE-2025-39951

Oct. 4, 2025, 8:15 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: um: virtio_uml: Fix use-after-free after put_device in probe When register_virtio_device() fails in virtio_uml_probe(), the code sets vu_dev->registered = 1 even though the device was not successfully registered. This can lead to use-after-free or other issues.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/00e98b5a69034b251bb36dc6e7123d7648e218e4
https://git.kernel.org/stable/c/14c231959a16ca41bfdcaede72483362a8c645d7
https://git.kernel.org/stable/c/4f364023ddcfe83f7073b973a9cb98584b7f2a46
https://git.kernel.org/stable/c/5e94e44c9cb30d7a383d8ac227f24a8c9326b770
https://git.kernel.org/stable/c/7ebf70cf181651fe3f2e44e95e7e5073d594c9c0
https://git.kernel.org/stable/c/aaf900a83508c8cd5cdf765e7749f9076196ec7f
https://git.kernel.org/stable/c/c2ff91255e0157b356cff115d8dc3eeb5162edf2

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-10-04
CVE-2025-39951

Timeline

Published: Oct. 4, 2025, 8:15 a.m.
Last Modified: Oct. 4, 2025, 8:15 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.