Use-After-Free Vulnerability in Linux Kernel Impacting cdnsp Gadget Functionality
CVE-2025-40314

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
8 December 2025

What is CVE-2025-40314?

A use-after-free vulnerability exists in the Linux kernel's cdnsp gadget due to improper management of memory during the initialization and exit processes. This issue arises when the gadget structure is freed prior to its associated endpoints, leading to the potential dereferencing of dangling pointers. As a result, when the freed endpoints are accessed, it can lead to unpredictable behavior and security risks. A mitigation has been introduced by restructuring the memory management operations, ensuring that endpoint structures are properly freed before releasing the gadget structure itself.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8bc1901ca7b07d864fca11461b3875b31f949765 < 0cf9a50af91fbdac3849f8d950e883a3eaa3ecea

Linux 8bc1901ca7b07d864fca11461b3875b31f949765 < 37158ce6ba964b62d1e3eebd11f03c6900a52dd1

Linux 8bc1901ca7b07d864fca11461b3875b31f949765

References

https://git.kernel.org/stable/c/0cf9a50af91fbdac3849f8d95...
https://git.kernel.org/stable/c/37158ce6ba964b62d1e3eebd1...
https://git.kernel.org/stable/c/ea37884097a0931abb8e11e40...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.