Media Remote Control Driver Vulnerability in Linux Kernel
CVE-2025-39993

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 October 2025

What is CVE-2025-39993?

A vulnerability has been identified in the iMON driver within the Linux kernel, where improper release of the USB device reference during the disconnect process can lead to a use-after-free condition. Specifically, the lack of coordination between the disconnection routine and active users of the device results in potential exploitation opportunities. When the device is disconnected, active operations may still be in progress, creating a situation where the device reference can be freed while still in use. This flaw underscores the necessity for improved locking mechanisms to synchronously manage device availability and user access, ensuring data integrity and system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 21677cfc562a27e099719d413287bc8d1d24deb7 < 9348976003e39754af344949579e824a0a210fc4

Linux 21677cfc562a27e099719d413287bc8d1d24deb7

Linux 21677cfc562a27e099719d413287bc8d1d24deb7 < 71c52b073922d05e79e6de7fc7f5f38f927929a4

References

https://git.kernel.org/stable/c/9348976003e39754af3449495...
https://git.kernel.org/stable/c/b03fac6e2a38331faf8510b48...
https://git.kernel.org/stable/c/71c52b073922d05e79e6de7fc...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.