Use-After-Free Vulnerability in Linux Kernel ACPI Video Component
CVE-2025-40211

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
21 November 2025

What is CVE-2025-40211?

A vulnerability in the ACPI video component of the Linux kernel has been identified, which can lead to a use-after-free condition. This issue arises when the switch_brightness_work deferred work accesses members device->brightness and device->backlight that have already been freed during the device removal process. The improper management of delayed work can cause dereferencing to invalid memory, resulting in potential crashes or other unintended behaviors. The vulnerability has been addressed by ensuring that all queued work is canceled before freeing the associated resources, thus preventing the dereferencing of freed pointers.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8ab58e8e7e097bae5fe39cbc67eb93a91f7134b7 < 3f803ccf5a0c043e7c8b83f6665b082401fc8bee

Linux 8ab58e8e7e097bae5fe39cbc67eb93a91f7134b7

Linux 8ab58e8e7e097bae5fe39cbc67eb93a91f7134b7

References

https://git.kernel.org/stable/c/3f803ccf5a0c043e7c8b83f66...
https://git.kernel.org/stable/c/ba1704316492a0496c6933433...
https://git.kernel.org/stable/c/bc78a4f51d548c1ccc3d1967c...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.