Use After Free Vulnerability in Linux Kernel's ssi_protocol Driver
CVE-2025-37838

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 April 2025

Summary

The Linux kernel's ssi_protocol driver is susceptible to a use after free vulnerability caused by a race condition between the cleanup process and the execution of a work function. In particular, when the ssi_protocol_remove() function is invoked, it frees a memory structure (ssi) while another process may still reference it. This can result in unpredictable behavior or potential exploitation. The issue has been addressed by ensuring that any ongoing work is canceled prior to executing the cleanup process, thereby preserving system integrity.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 834e602d0cc7c743bfce734fad4a46cefc0f9ab1

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4b4194c9a7a8f92db39e8e86c85f4fb12ebbec4f

References

https://git.kernel.org/stable/c/ae5a6a0b425e8f76a9f0677e5...

https://git.kernel.org/stable/c/834e602d0cc7c743bfce734fa...

https://git.kernel.org/stable/c/4b4194c9a7a8f92db39e8e86c...

Timeline

Vulnerability published
Apr 18, 2025