Use-After-Free Vulnerability in Xilinx CAN Driver of Linux Kernel
CVE-2025-39873

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 23 September 2025

What is CVE-2025-39873?

A use-after-free condition exists in the Xilinx CAN driver of the Linux kernel, in the xcan_write_frame() function. can_put_echo_skb() takes ownership of the socket buffer (SKB), and the SKB may be freed during or after that call. xcan_write_frame() nevertheless continued to reference the SKB after calling it, so the driver could access freed memory, leading to potential instability or security risks. The fix calls can_put_echo_skb() only after xcan_write_frame() has completed all of its operations on the SKB.
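The ordering problem described above, as an added userspace C model (not the kernel driver's code and not part of the original page). The names model_skb, model_fifo, skb_access(), load_fifo() and both write_frame_* functions are hypothetical, and the buffer stays allocated in the model so that an access after the hand-off is counted instead of touching freed memory.

```c
#include <string.h>

/* Constructed userspace model: not the kernel's struct sk_buff or driver code. */
struct model_skb {
    unsigned char data[8];
    unsigned int len;
    int caller_owns;          /* cleared once the echo stack owns the buffer */
};
struct model_fifo { unsigned char data[8]; unsigned int dlc; };

static int stale_accesses;    /* accesses made after ownership was handed off */

/* Every access the transmit path makes to the buffer goes through here. */
static const struct model_skb *skb_access(const struct model_skb *skb)
{
    if (!skb->caller_owns)
        stale_accesses++;     /* in the kernel this could touch freed memory */
    return skb;
}

/* Stands in for can_put_echo_skb(): the caller loses ownership at this point. */
static void model_put_echo_skb(struct model_skb *skb) { skb->caller_owns = 0; }

/* Copy the frame into the (modelled) hardware TX FIFO: two buffer accesses. */
static void load_fifo(const struct model_skb *skb, struct model_fifo *tx)
{
    unsigned int n = skb_access(skb)->len;
    tx->dlc = n > sizeof(tx->data) ? (unsigned int)sizeof(tx->data) : n;
    memcpy(tx->data, skb_access(skb)->data, tx->dlc);
}

/* Vulnerable ordering: hand-off first, frame fields read afterwards. */
static int write_frame_handoff_first(struct model_skb *skb, struct model_fifo *tx)
{
    stale_accesses = 0;
    model_put_echo_skb(skb);
    load_fifo(skb, tx);
    return stale_accesses;
}

/* Fixed ordering: finish every access, then hand the buffer off. */
static int write_frame_handoff_last(struct model_skb *skb, struct model_fifo *tx)
{
    stale_accesses = 0;
    load_fifo(skb, tx);
    model_put_echo_skb(skb);
    return stale_accesses;
}
```

Each function returns how many times the buffer was touched after ownership had passed to the echo stack; a non-zero count is the condition the fix removes.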

Affected Version(s)

Linux 1598efe57b3e768056e4ca56cb9cf33111e68d1c

Linux 1598efe57b3e768056e4ca56cb9cf33111e68d1c < 1139321161a3ba5e45e61e0738b37f42f20bc57a

Linux 1598efe57b3e768056e4ca56cb9cf33111e68d1c < 94b050726288a56a6b8ff55aa641f2fedbd3b44c

Timeline

  • Vulnerability published

  • Vulnerability Reserved
