Use After Free Vulnerability in Linux Kernel Tun Driver
CVE-2025-39984

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 15 October 2025

What is CVE-2025-39984?

A use-after-free vulnerability exists in the Linux kernel's tun driver, in the handling of network packets processed by XDP (Express Data Path). When an XDP program is attached, the original socket buffer (skb) may be freed prematurely while the napi structure still references it, leading to potential instability or compromise. The issue arises when the skb is cleared but the napi's reference is not updated accordingly, which could allow malicious actors to exploit the freed memory.
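The stale-reference pattern described above, as an added userspace model that is not the kernel's code or the upstream patch. All names (`buf`, `holder`, `xdp_step`, `holder_ref_valid_after_rx`) are hypothetical, and re-syncing the holder's pointer is assumed as the corrected pattern because the description says the reference "is not updated".

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model only: hypothetical names, not kernel structures. */
struct buf { bool live; };
struct holder { struct buf *ref; };  /* stands in for napi's skb reference */

static struct buf pool[4];

static struct buf *buf_alloc(void)
{
    for (size_t i = 0; i < sizeof(pool) / sizeof(pool[0]); i++)
        if (!pool[i].live) {
            pool[i].live = true;
            return &pool[i];
        }
    return NULL;
}

/* Marks the slot released instead of calling free(), so the stale
 * reference can be inspected without undefined behaviour. */
static void buf_release(struct buf *b) { b->live = false; }

/* Stands in for the XDP step: releases the original, returns a replacement. */
static struct buf *xdp_step(struct buf *orig)
{
    struct buf *repl = buf_alloc();
    if (!repl)
        return orig;
    buf_release(orig);
    return repl;
}

/* True when the holder still points at the live, current buffer. */
static bool holder_ref_valid_after_rx(bool update_ref)
{
    struct holder h = { .ref = buf_alloc() };
    if (!h.ref)
        return false;
    struct buf *cur = xdp_step(h.ref);
    if (update_ref)
        h.ref = cur;  /* assumed corrected pattern: re-sync the holder */
    bool ok = h.ref->live && h.ref == cur;
    buf_release(cur);
    return ok;
}

int main(void)
{
    printf("no update: %d\n", holder_ref_valid_after_rx(false));
    printf("updated:   %d\n", holder_ref_valid_after_rx(true));
    return 0;
}
```
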

Affected Version(s)

Linux e6d5dbdd20aa6a86974af51deb9414cd2e7794cb < 953200d56fc23eebf80a5ad9eed6e2e8a3065093

Linux e6d5dbdd20aa6a86974af51deb9414cd2e7794cb < 1697577e1669b0321d02cd848384a5d33e284296

Linux e6d5dbdd20aa6a86974af51deb9414cd2e7794cb < 1091860a16a86ccdd77c09f2b21a5f634f5ab9ec

Timeline

  • Vulnerability published

  • Vulnerability Reserved
