CVE-2025-39873
BaseFortify
Publication date: 2025-09-23
Last updated on: 2025-11-03
Assigner: kernel.org
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xilinx | xilinx_can | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's xilinx_can driver, specifically in the xcan_write_frame() function. The function can_put_echo_skb() takes ownership of a socket buffer (SKB) and may free it during or after its call. However, xcan_write_frame() continues to use the SKB after can_put_echo_skb() has been called, leading to use of freed memory. The fix involves ensuring can_put_echo_skb() is only called after the code has finished using the SKB to prevent this unsafe memory access.
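The ordering problem above is a general ownership-transfer rule: once a callee takes ownership of a buffer and may free it, the caller's last read of that buffer has to come before the call. The following is an added illustration written for this page, not the xilinx_can driver's code or the kernel's; the types (`skb_sim`, `mailbox_sim`) and the functions `put_echo_skb_sim()` and `write_frame_fixed()` are hypothetical stand-ins for the skb, the TX mailbox registers, `can_put_echo_skb()` and the fixed `xcan_write_frame()`, and the CAN frame values in `main()` are constructed sample input.

```c
/* Added illustration of the fixed call ordering (hypothetical stand-ins,
 * not Linux kernel code). */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Minimal stand-in for a classic CAN frame carried in a socket buffer. */
struct can_frame_sim {
    uint32_t can_id;
    uint8_t  len;
    uint8_t  data[8];
};

/* Stand-in for the skb: owns exactly one frame. */
struct skb_sim {
    struct can_frame_sim cf;
};

/* Stand-in for the TX mailbox registers the driver programs. */
struct mailbox_sim {
    uint32_t id_reg;
    uint32_t dlc_reg;
    uint8_t  data[8];
};

/* Stand-in for can_put_echo_skb(): takes ownership of skb. When no echo is
 * wanted it frees skb right away, so the caller must not touch skb after
 * this call returns. The memory is scrubbed first so a stale read yields
 * visibly wrong values instead of silently "working". */
static void put_echo_skb_sim(struct skb_sim *skb, int echo_wanted)
{
    if (!echo_wanted) {
        memset(skb, 0xAA, sizeof(*skb));
        free(skb);
    }
    /* else: the echo queue now owns skb and releases it later */
}

/* Allocates a frame the way a sender would hand it to the driver. */
static struct skb_sim *make_skb_sim(uint32_t id, uint8_t len, const uint8_t *data)
{
    struct skb_sim *skb = calloc(1, sizeof(*skb));
    if (!skb || len > 8)
        return NULL;
    skb->cf.can_id = id;
    skb->cf.len = len;
    memcpy(skb->cf.data, data, len);
    return skb;
}

/* Pre-fix ordering (NOT implemented here, because it is undefined behaviour):
 *     put_echo_skb_sim(skb, echo_wanted);   // may free skb
 *     mb->id_reg = skb->cf.can_id;          // read of freed memory
 *
 * Fixed ordering: every field is read from skb and written to the mailbox
 * first; ownership is handed over only after the last use. Returns 0 on
 * success, -1 on a NULL skb. */
static int write_frame_fixed(struct mailbox_sim *mb, struct skb_sim *skb, int echo_wanted)
{
    if (!skb)
        return -1;

    mb->id_reg = skb->cf.can_id;
    mb->dlc_reg = skb->cf.len;
    memset(mb->data, 0, sizeof(mb->data));
    memcpy(mb->data, skb->cf.data, skb->cf.len);

    /* Last use of skb is above this line; only now transfer ownership. */
    put_echo_skb_sim(skb, echo_wanted);
    skb = NULL; /* defensive: any later dereference is an obvious NULL deref */
    return 0;
}

int main(void)
{
    /* constructed sample frame */
    const uint8_t payload[8] = {0xDE, 0xAD, 0xBE, 0xEF, 0x01, 0x02, 0x03, 0x04};
    struct mailbox_sim mb;
    memset(&mb, 0, sizeof(mb));

    struct skb_sim *skb = make_skb_sim(0x123, 8, payload);
    if (write_frame_fixed(&mb, skb, 0) != 0)
        return 1;
    printf("id=0x%x dlc=%u data[0]=0x%02x\n", mb.id_reg, mb.dlc_reg, mb.data[0]);
    return 0;
}
```

Running the stand-in with `echo_wanted = 0` exercises the immediate-free path: the mailbox holds the real frame values because they were copied before `put_echo_skb_sim()` ran. If the two statements were swapped as in the pre-fix ordering, the same run would read scrubbed or unmapped memory, which is exactly the class of defect KASAN or AddressSanitizer reports as a heap-use-after-free.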
How can this vulnerability impact me?
This use-after-free vulnerability can lead to undefined behavior such as system crashes, memory corruption, or potential execution of arbitrary code within the Linux kernel. This can compromise system stability and security, potentially allowing attackers to disrupt services or escalate privileges.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that fixes the use-after-free vulnerability in the xilinx_can driver by ensuring that can_put_echo_skb() is only called after the SKB is no longer used in xcan_write_frame(). This involves updating the Linux kernel to a version that includes the fix described in the commit referenced in the CVE.