CVE-2025-21715

HIGH 7.8

net: davicom: fix UAF in dm9000_drv_remove

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it cannot be used after free_netdev() call. Using dm after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function. This is similar to the issue fixed in commit ad297cd2db89 ("net: qcom/emac: fix UAF in emac_remove"). This bug is detected by our static analysis tool.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 27, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

d28e783c20033b90a64d4e1307bafb56085d8184 < db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9 4fd0654b8f2129b68203974ddee15f804ec011c2 < a53cb72043443ac787ec0b5fa17bb3f8ff3d462b cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b < 7d7d201eb3b766abe590ac0dda7a508b7db3e357 cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b < c94ab07edc2843e2f3d46dbd82e5c681503aaadf cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b < c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b < 5a54367a7c2378c65aaa4d3cfd952f26adef7aa7 cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b < 2013c95df6752d9c88221d0f0f37b6f197969390 cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b < 19e65c45a1507a1a2926649d2db3583ed9d55fd9 d182994b2b6e23778b146a230efac8f1d77a3445 427b3fc3d5244fef9c1f910a9c699f2690642f83 9c49181c201d434186ca6b1a7b52e29f4169f6f8 9808f032c4d971cbf2b01411a0a2a8ee0040efe3 a1f308089257616cdb91b4334c5eaa81ae17e387

Linux / Linux

5.12

References

NVD ↗ CVE.org ↗ EPSS Data ↗