CVE-2025-21715 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it cannot be used after free_netdev() call. Using dm after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function. This is similar to the issue fixed in commit ad297cd2db89 ("net: qcom/emac: fix UAF in emac_remove"). This bug is detected by our static analysis tool.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/19e65c45a1507a1a2926649d2db3583ed9d55fd9
https://git.kernel.org/stable/c/2013c95df6752d9c88221d0f0f37b6f197969390
https://git.kernel.org/stable/c/5a54367a7c2378c65aaa4d3cfd952f26adef7aa7
https://git.kernel.org/stable/c/7d7d201eb3b766abe590ac0dda7a508b7db3e357
https://git.kernel.org/stable/c/a53cb72043443ac787ec0b5fa17bb3f8ff3d462b
https://git.kernel.org/stable/c/c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca
https://git.kernel.org/stable/c/c94ab07edc2843e2f3d46dbd82e5c681503aaadf
https://git.kernel.org/stable/c/db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9
https://lore.kernel.org/linux-cve-announce/2025022645-CVE-2025-21715-2837@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-21715
https://www.cve.org/CVERecord?id=CVE-2025-21715

History

Tue, 01 Apr 2025 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel

Thu, 13 Mar 2025 12:30:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/7d7d201eb3b766abe590ac0dda7a508b7db3e357 https://git.kernel.org/stable/c/a53cb72043443ac787ec0b5fa17bb3f8ff3d462b https://git.kernel.org/stable/c/db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9

Tue, 04 Mar 2025 03:45:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 28 Feb 2025 02:00:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025022645-CVE-2025-21715-2837@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-21715 https://www.cve.org/CVERecord?id=CVE-2025-21715
Metrics	threat_severity `None`	threat_severity `Moderate`

Thu, 27 Feb 2025 18:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-416
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Thu, 27 Feb 2025 02:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it cannot be used after free_netdev() call. Using dm after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function. This is similar to the issue fixed in commit ad297cd2db89 ("net: qcom/emac: fix UAF in emac_remove"). This bug is detected by our static analysis tool.
Title		net: davicom: fix UAF in dm9000_drv_remove
References		https://git.kernel.org/stable/c/19e65c45a1507a1a2926649d2db3583ed9d55fd9 https://git.kernel.org/stable/c/2013c95df6752d9c88221d0f0f37b6f197969390 https://git.kernel.org/stable/c/5a54367a7c2378c65aaa4d3cfd952f26adef7aa7 https://git.kernel.org/stable/c/c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca https://git.kernel.org/stable/c/c94ab07edc2843e2f3d46dbd82e5c681503aaadf

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-02-27T02:07:26.174Z

Updated: 2025-03-24T15:39:14.273Z

Reserved: 2024-12-29T08:45:45.752Z

Link: CVE-2025-21715

Vulnrichment

Updated: 2025-02-27T17:58:16.254Z

NVD

Status : Analyzed

Published: 2025-02-27T02:15:15.167

Modified: 2025-04-01T18:29:30.707

Link: CVE-2025-21715

Redhat

Severity : Moderate

Publid Date: 2025-02-27T00:00:00Z

Links: CVE-2025-21715 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-21715", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-29T08:45:45.752Z", "datePublished": "2025-02-27T02:07:26.174Z", "dateUpdated": "2025-03-24T15:39:14.273Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-24T15:39:14.273Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/davicom/dm9000.c"], "versions": [{"version": "d28e783c20033b90a64d4e1307bafb56085d8184", "lessThan": "db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9", "status": "affected", "versionType": "git"}, {"version": "4fd0654b8f2129b68203974ddee15f804ec011c2", "lessThan": "a53cb72043443ac787ec0b5fa17bb3f8ff3d462b", "status": "affected", "versionType": "git"}, {"version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "7d7d201eb3b766abe590ac0dda7a508b7db3e357", "status": "affected", "versionType": "git"}, {"version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "c94ab07edc2843e2f3d46dbd82e5c681503aaadf", "status": "affected", "versionType": "git"}, {"version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca", "status": "affected", "versionType": "git"}, {"version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "5a54367a7c2378c65aaa4d3cfd952f26adef7aa7", "status": "affected", "versionType": "git"}, {"version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "2013c95df6752d9c88221d0f0f37b6f197969390", "status": "affected", "versionType": "git"}, {"version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "19e65c45a1507a1a2926649d2db3583ed9d55fd9", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/davicom/dm9000.c"], "versions": [{"version": "5.12", "status": "affected"}, {"version": "0", "lessThan": "5.12", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.291", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.235", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.179", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.129", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.76", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.13", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13.2", "lessThanOrEqual": "6.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9"}, {"url": "https://git.kernel.org/stable/c/a53cb72043443ac787ec0b5fa17bb3f8ff3d462b"}, {"url": "https://git.kernel.org/stable/c/7d7d201eb3b766abe590ac0dda7a508b7db3e357"}, {"url": "https://git.kernel.org/stable/c/c94ab07edc2843e2f3d46dbd82e5c681503aaadf"}, {"url": "https://git.kernel.org/stable/c/c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca"}, {"url": "https://git.kernel.org/stable/c/5a54367a7c2378c65aaa4d3cfd952f26adef7aa7"}, {"url": "https://git.kernel.org/stable/c/2013c95df6752d9c88221d0f0f37b6f197969390"}, {"url": "https://git.kernel.org/stable/c/19e65c45a1507a1a2926649d2db3583ed9d55fd9"}], "title": "net: davicom: fix UAF in dm9000_drv_remove", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-21715", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-27T17:58:14.582749Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-27T18:02:28.224Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-21715", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-27T17:58:14.582749Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-27T17:58:16.254Z"}}], "cna": {"title": "net: davicom: fix UAF in dm9000_drv_remove", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d28e783c20033b90a64d4e1307bafb56085d8184", "lessThan": "db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9", "versionType": "git"}, {"status": "affected", "version": "4fd0654b8f2129b68203974ddee15f804ec011c2", "lessThan": "a53cb72043443ac787ec0b5fa17bb3f8ff3d462b", "versionType": "git"}, {"status": "affected", "version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "7d7d201eb3b766abe590ac0dda7a508b7db3e357", "versionType": "git"}, {"status": "affected", "version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "c94ab07edc2843e2f3d46dbd82e5c681503aaadf", "versionType": "git"}, {"status": "affected", "version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca", "versionType": "git"}, {"status": "affected", "version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "5a54367a7c2378c65aaa4d3cfd952f26adef7aa7", "versionType": "git"}, {"status": "affected", "version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "2013c95df6752d9c88221d0f0f37b6f197969390", "versionType": "git"}, {"status": "affected", "version": "cf9e60aa69ae6c40d3e3e4c94dd6c8de31674e9b", "lessThan": "19e65c45a1507a1a2926649d2db3583ed9d55fd9", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/davicom/dm9000.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.12"}, {"status": "unaffected", "version": "0", "lessThan": "5.12", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.291", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.235", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.179", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.129", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.76", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.12.13", "versionType": "semver", "lessThanOrEqual": "6.12.*"}, {"status": "unaffected", "version": "6.13.2", "versionType": "semver", "lessThanOrEqual": "6.13.*"}, {"status": "unaffected", "version": "6.14", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ethernet/davicom/dm9000.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9"}, {"url": "https://git.kernel.org/stable/c/a53cb72043443ac787ec0b5fa17bb3f8ff3d462b"}, {"url": "https://git.kernel.org/stable/c/7d7d201eb3b766abe590ac0dda7a508b7db3e357"}, {"url": "https://git.kernel.org/stable/c/c94ab07edc2843e2f3d46dbd82e5c681503aaadf"}, {"url": "https://git.kernel.org/stable/c/c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca"}, {"url": "https://git.kernel.org/stable/c/5a54367a7c2378c65aaa4d3cfd952f26adef7aa7"}, {"url": "https://git.kernel.org/stable/c/2013c95df6752d9c88221d0f0f37b6f197969390"}, {"url": "https://git.kernel.org/stable/c/19e65c45a1507a1a2926649d2db3583ed9d55fd9"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-24T15:39:14.273Z"}}}, "cveMetadata": {"cveId": "CVE-2025-21715", "state": "PUBLISHED", "dateUpdated": "2025-03-24T15:39:14.273Z", "dateReserved": "2024-12-29T08:45:45.752Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2025-02-27T02:07:26.174Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C020C31F-47CF-42F2-A390-66AC716AD29F", "versionEndExcluding": "4.5", "versionStartIncluding": "4.4.262", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "86BFA76D-C97D-4F78-A857-7DC7B5711DC0", "versionEndExcluding": "4.10", "versionStartIncluding": "4.9.262", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9608EF4-37A2-4904-B924-93CA34F65EBE", "versionEndExcluding": "4.15", "versionStartIncluding": "4.14.226", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CD1844D-5434-4975-BB93-6CD6962BDD86", "versionEndExcluding": "4.20", "versionStartIncluding": "4.19.181", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A68494EB-28C2-4CA7-84BF-CA5A0F101C2C", "versionEndExcluding": "5.4.291", "versionStartIncluding": "5.4.106", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0876206-0FB7-4903-A5F8-D8D144259E0C", "versionEndExcluding": "5.10.235", "versionStartIncluding": "5.10.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E62061D9-0931-468F-87F0-9FB3065DF87B", "versionEndExcluding": "5.15.179", "versionStartIncluding": "5.11.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DA5009C-C9B9-4A1D-9B96-78427E8F232C", "versionEndExcluding": "6.1.129", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993", "versionEndExcluding": "6.6.76", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373", "versionEndExcluding": "6.12.13", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3", "versionEndExcluding": "6.13.2", "versionStartIncluding": "6.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: davicom: fix UAF in dm9000_drv_remove dm son datos privados de netdev y no se pueden usar despu\u00e9s de la llamada a free_netdev(). El uso de dm despu\u00e9s de free_netdev() puede provocar un error de UAF. Solucione el problema moviendo free_netdev() al final de la funci\u00f3n. Esto es similar al problema solucionado en el commit ad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\"). Nuestra herramienta de an\u00e1lisis est\u00e1tico detecta este error."}], "id": "CVE-2025-21715", "lastModified": "2025-04-01T18:29:30.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-02-27T02:15:15.167", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/19e65c45a1507a1a2926649d2db3583ed9d55fd9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2013c95df6752d9c88221d0f0f37b6f197969390"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5a54367a7c2378c65aaa4d3cfd952f26adef7aa7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7d7d201eb3b766abe590ac0dda7a508b7db3e357"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a53cb72043443ac787ec0b5fa17bb3f8ff3d462b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c411f9a5fdc9158e8f7c57eac961d3df3eb4d8ca"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c94ab07edc2843e2f3d46dbd82e5c681503aaadf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/db79e982c5f9e39ab710cbce55b05f2f5e6f1ca9"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: net: davicom: fix UAF in dm9000_drv_remove", "id": "2348544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348544"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: davicom: fix UAF in dm9000_drv_remove\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\nThis bug is detected by our static analysis tool."], "name": "CVE-2025-21715", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-21715\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21715\nhttps://lore.kernel.org/linux-cve-announce/2025022645-CVE-2025-21715-2837@gregkh/T"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object