CVE-2025-39872

medium

Description

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsr_get_port_ndev hsr_get_port_ndev calls hsr_for_each_port, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller function.

References

https://git.kernel.org/stable/c/847748fc66d08a89135a74e29362a66ba4e3ab15

https://git.kernel.org/stable/c/68a6729afd3e8e9a2a32538642ce92b96ccf9b1d

Details

Source: Mitre, NVD

Published: 2025-09-23

Updated: 2025-09-24

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018