CVE-2025-22097

drm/vkms: Fix use after free and double free on init error

Severity Score

7.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might
access an uninitialized or freed default_config pointer and it might
double free it. Fix both possible errors by initializing default_config only when the
driver initialization succeeded.

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it. Fix both possible errors by initializing default_config only when the driver initialization succeeded.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-04-16 CVE Published
2025-04-16 CVE Updated
2025-04-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/2df7af93fdadb9ba8226fe443fae15ecdefda2a6	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/49a69f67f53518bdd9b7eeebf019a2da6cc0e954	2025-04-10
https://git.kernel.org/stable/c/79d138d137b80eeb0a83244d1cff29e64cf91067	2025-04-10
https://git.kernel.org/stable/c/561fc0c5cf41f646f3e9e61784cbc0fc832fb936	2025-04-10
https://git.kernel.org/stable/c/d5eb8e347905ab17788a7903fa1d3d06747355f5	2025-04-10
https://git.kernel.org/stable/c/b8a18bb53e06d6d3c1fd03d12533d6e333ba8853	2025-04-10
https://git.kernel.org/stable/c/1f68f1cf09d06061eb549726ff8339e064eddebd	2025-04-10
https://git.kernel.org/stable/c/ed15511a773df86205bda66c37193569575ae828	2025-02-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 5.15.180 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 5.15.180"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.1.134 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.1.134"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.6.87 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.6.87"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.12.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.12.23"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.13.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.13.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.14.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.14.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.12 < 6.15-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 6.15-rc1"		en		Affected