CVE-2025-21715

net: davicom: fix UAF in dm9000_drv_remove

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it cannot be
used after free_netdev() call. Using dm after free_netdev()
can cause UAF bug. Fix it by moving free_netdev() at the end of the
function. This is similar to the issue fixed in commit
ad297cd2db89 ("net: qcom/emac: fix UAF in emac_remove"). This bug is detected by our static analysis tool.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-27 CVE Published
2025-02-27 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (13)

URL	Tag	Source
https://git.kernel.org/stable/c/cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b	Vuln. Introduced
https://git.kernel.org/stable/c/d182994b2b6e23778b146a230efac8f1d77a3445	Vuln. Introduced
https://git.kernel.org/stable/c/427b3fc3d5244fef9c1f910a9c699f2690642f83	Vuln. Introduced
https://git.kernel.org/stable/c/9c49181c201d434186ca6b1a7b52e29f4169f6f8	Vuln. Introduced
https://git.kernel.org/stable/c/9808f032c4d971cbf2b01411a0a2a8ee0040efe3	Vuln. Introduced
https://git.kernel.org/stable/c/d28e783c20033b90a64d4e1307bafb56085d8184	Vuln. Introduced
https://git.kernel.org/stable/c/4fd0654b8f2129b68203974ddee15f804ec011c2	Vuln. Introduced
https://git.kernel.org/stable/c/a1f308089257616cdb91b4334c5eaa81ae17e387	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/c94ab07edc2843e2f3d46dbd82e5c681503aaadf	2025-02-21
https://git.kernel.org/stable/c/c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca	2025-02-08
https://git.kernel.org/stable/c/5a54367a7c2378c65aaa4d3cfd952f26adef7aa7	2025-02-08
https://git.kernel.org/stable/c/2013c95df6752d9c88221d0f0f37b6f197969390	2025-02-08
https://git.kernel.org/stable/c/19e65c45a1507a1a2926649d2db3583ed9d55fd9	2025-01-27

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.1.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.1.129"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.6.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.6.76"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.12.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.12.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.13.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.13.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.14-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.14-rc1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.4.262 Search vendor "Linux" for product "Linux Kernel" and version "4.4.262"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.9.262 Search vendor "Linux" for product "Linux Kernel" and version "4.9.262"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.14.226 Search vendor "Linux" for product "Linux Kernel" and version "4.14.226"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.19.181 Search vendor "Linux" for product "Linux Kernel" and version "4.19.181"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.4.106 Search vendor "Linux" for product "Linux Kernel" and version "5.4.106"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.10.24 Search vendor "Linux" for product "Linux Kernel" and version "5.10.24"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.11.7 Search vendor "Linux" for product "Linux Kernel" and version "5.11.7"		en		Affected