Use-After-Free Vulnerability in Mediatek DRM Component for Linux Kernel
CVE-2025-39882

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 23 September 2025

What is CVE-2025-39882?

A vulnerability exists in the Mediatek DRM component of the Linux kernel where improper reference counting can lead to a use-after-free condition. The issue arises in the for_each_child_of_node() function, which drops a reference for each node as it iterates over child nodes. An erroneous additional reference count decrement that was recently introduced can compromise memory management, leading to potential exploitation. This vulnerability necessitates corrective measures to prevent misuse and ensure system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 7d98166183d627c0b9daca7672b2191fae0f8a03

Linux 31ce7c089b50c3d3056c37e0e25e7535e4428ae1

Linux fae58d0155a979a8c414bbc12db09dd4b2f910d0

References

https://git.kernel.org/stable/c/b2fbe0f9f80b9cfa1e06ddcf8...

https://git.kernel.org/stable/c/b58a26cdd4795c1ce6a80e38e...

https://git.kernel.org/stable/c/c4901802ed1ce859242e10af0...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 23, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Linux

What is CVE-2025-39882?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.