CVE-2025-39785Use After Free in Linux

CWE-416Use After Free5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 94.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 11

Description

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local The local variable is passed in request_irq (), and there will be use after free problem, which will make request_irq failed. Using the global irq name instead of it to fix.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.166.16.4+1
Debianlinux/linux_kernel< 6.16.5-1
CVEListV5linux/linuxb11bc1ae46587f3563c47078e605184f18e7fa5706d261a085a11600f5b577bb56a65fb2c3e57d0a+2
debiandebian/linux< linux 6.16.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2025-39785: In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local The local vari2025-09-11
GHSA
GHSA-h39w-24rm-7gmr: In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local The local va2025-09-11

📋Vendor Advisories

2
Red Hat
kernel: drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local2025-09-11
Debian
CVE-2025-39785: linux - In the Linux kernel, the following vulnerability has been resolved: drm/hisilic...2025
CVE-2025-39785 — Use After Free in Linux | cvebase