Use After Free Vulnerability in Linux Kernel Affecting MLX5 Command
CVE-2025-39979

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-39979?

A vulnerability exists in the MLX5 command of the Linux kernel, leading to a use after free condition during the release of flow counters. The issue stems from an improper initialization of the HWS action reference count and mutex in the function mlx5_cmd_hws_delete_fte(). If the counter structure has already been freed when a rule is deleted, it can cause kernel tracebacks, leading to potential instability. The vulnerability is addressed by ensuring proper initialization of these parameters to prevent accessing freed memory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch