CVE-2025-21855: Use After Free in Linux

CWE-416: Use After Free | 65 documents | 7 sources
Severity
7.8 HIGH (NVD)
5.5 (OSV)
EPSS
0.0% (top 88.77%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Mar 12
Latest update: Jan 12

Description

In the Linux kernel, the following vulnerability has been resolved:

ibmvnic: Don't reference skb after sending to VIOS

Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb memory after sending the buffer to the VIOS because, at any point after sending, the VIOS can trigger an interrupt to free this memory. A race between reading skb->len and freeing the skb is possible (especially during LP

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (8 packages)

NVD | linux/linux_kernel | 4.56.1.130 | +4
Debian | linux/linux_kernel | < 6.1.133-1 | +2
Ubuntu | linux/linux_kernel | < 5.15.0-164.174 | +4
CVEListV5 | linux/linux | 032c5e82847a2214c3196a90f0aeba0ce252de58 501ac6a7e21b82e05207c6b4449812d82820f306 | +5

Patches

🔴 Vulnerability Details (32)

OSV: linux-iot vulnerabilities (2026-01-12)
OSV: linux-kvm vulnerabilities (2026-01-09)
OSV: linux-raspi, linux-raspi-5.4 vulnerabilities (2026-01-06)
OSV: linux-oracle-5.4 vulnerabilities (2025-12-19)
OSV: linux-raspi vulnerabilities (2025-12-19)

📋 Vendor Advisories (32)

Ubuntu: Linux kernel (IoT) vulnerabilities (2026-01-12)
Ubuntu: Linux kernel (KVM) vulnerabilities (2026-01-09)
Ubuntu: Linux kernel (Raspberry Pi) vulnerabilities (2026-01-06)
Ubuntu: Linux kernel (Oracle) vulnerabilities (2025-12-19)
Ubuntu: Linux kernel (Raspberry Pi) vulnerabilities (2025-12-19)