Local Variable Vulnerability in Hisilicon hibmc Driver for Linux Kernel
CVE-2025-39785

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 September 2025

What is CVE-2025-39785?

A use-after-free vulnerability has been identified in the Hisilicon hibmc driver within the Linux Kernel. This vulnerability arises from the improper handling of a local variable in the irq_request() function, leading to potential failures when calling request_irq(). The issue is resolved by utilizing a global irq name, thereby preventing the local variable from being passed erroneously. This fix addresses the risk associated with the use of freed memory, enhancing the stability and security of the Linux Kernel.

Affected Version(s)

Linux b11bc1ae46587f3563c47078e605184f18e7fa57 < 06d261a085a11600f5b577bb56a65fb2c3e57d0a

Linux b11bc1ae46587f3563c47078e605184f18e7fa57 < 8bed4ec42a4e0dc8113172696ff076d1eb6d8bcb

Linux 6.16

References

https://git.kernel.org/stable/c/06d261a085a11600f5b577bb5...

https://git.kernel.org/stable/c/8bed4ec42a4e0dc8113172696...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2025
Vulnerability Reserved
Apr 16, 2025