Use After Free Vulnerability in Linux Kernel's OcteonTX2-PF
CVE-2025-39978

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 October 2025

What is CVE-2025-39978?

A vulnerability has been identified in the Linux kernel associated with the OcteonTX2-PF driver. The flaw arises during the handling of node structures, where dereferencing occurs after freeing the memory, leading to potential security risks. The code execution path incorrectly dereferences 'new_node' after it has been queued for free, indicating that the region is not safe for Read-Copy-Update (RCU) usage. To mitigate the risk, the code should be modified to ensure that dereferences take place prior to the freeing of the node.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 68fbff68dbea35f9e6f7649dd22fce492a5aedac < 5723120423a753a220b8b2954b273838b9d7e74a

Linux 68fbff68dbea35f9e6f7649dd22fce492a5aedac

Linux 68fbff68dbea35f9e6f7649dd22fce492a5aedac

References

https://git.kernel.org/stable/c/5723120423a753a220b8b2954...
https://git.kernel.org/stable/c/df2c071061ed52d2225d97b21...
https://git.kernel.org/stable/c/c41b2941a024d4ec7c768e16f...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.