In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: Fix potential use after free in otx2_tc_add_flow()
This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node"
and then dereferences it on the next line. Two lines later, we take
a mutex so I don't think this is an RCU safe region. Re-order it to do
the dereferences before queuing up the free.
octeontx2-pf: Fix potential use after free in otx2_tc_add_flow()
This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node"
and then dereferences it on the next line. Two lines later, we take
a mutex so I don't think this is an RCU safe region. Re-order it to do
the dereferences before queuing up the free.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 15 Oct 2025 08:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node" and then dereferences it on the next line. Two lines later, we take a mutex so I don't think this is an RCU safe region. Re-order it to do the dereferences before queuing up the free. | |
| Title | octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() | |
| References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2025-10-15T07:55:58.949Z
Reserved: 2025-04-16T07:20:57.150Z
Link: CVE-2025-39978
Vulnrichment
No data.
NVD
Status : Received
Published: 2025-10-15T08:15:35.640
Modified: 2025-10-15T08:15:35.640
Link: CVE-2025-39978
Redhat
No data.
OpenCVE Enrichment
No data.