Memory Management Vulnerability in Linux Kernel Affecting Device Handling
CVE-2025-39872

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
23 September 2025

What is CVE-2025-39872?

A vulnerability exists in the Linux kernel related to the hsr_get_port_ndev function, which requires proper management of the Read-Copy-Update (RCU) lock and device locking. Failure to hold these locks appropriately can lead to a use-after-free condition in the caller function, potentially allowing unauthorized access to device references. This presents risks to system integrity and can be exploited if not properly mitigated.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ef964411c8ca775967355d855abc56aeaca3c867 < 9433ba79c2ec3ec7c9a711748701549339c3438c

Linux 9c10dd8eed74de9e8adeb820939f8745cd566d4a < 68a6729afd3e8e9a2a32538642ce92b96ccf9b1d

Linux 9c10dd8eed74de9e8adeb820939f8745cd566d4a < 847748fc66d08a89135a74e29362a66ba4e3ab15

References

https://git.kernel.org/stable/c/9433ba79c2ec3ec7c9a711748...
https://git.kernel.org/stable/c/68a6729afd3e8e9a2a3253864...
https://git.kernel.org/stable/c/847748fc66d08a89135a74e29...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.