CVE-2025-40211
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-40211, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-11-21

Last updated on: 2025-12-06

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpi_video_switch_brightness() The switch_brightness_work delayed work accesses device->brightness and device->backlight, freed by acpi_video_dev_unregister_backlight() during device removal. If the work executes after acpi_video_bus_unregister_backlight() frees these resources, it causes a use-after-free when acpi_video_switch_brightness() dereferences device->brightness or device->backlight. Fix this by calling cancel_delayed_work_sync() for each device's switch_brightness_work in acpi_video_bus_remove_notify_handler() after removing the notify handler that queues the work. This ensures the work completes before the memory is freed. [ rjw: Changelog edit ]

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-11-21
Last Modified
2025-12-06
Generated
2026-07-06
AI Q&A
2025-11-21
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a use-after-free issue in the Linux kernel's ACPI video component. Specifically, a delayed work function called switch_brightness_work accesses device brightness and backlight resources that may have already been freed during device removal. If the delayed work runs after these resources are freed, it dereferences invalid memory, causing a use-after-free error. The fix involves ensuring the delayed work is canceled and completed before the resources are freed.

Impact Analysis

This vulnerability can lead to system instability or crashes due to the use-after-free error when the kernel accesses freed memory. It may also potentially be exploited to execute arbitrary code or cause denial of service, depending on the context and attacker capabilities.

Mitigation Strategies

Apply the patch or update to the fixed Linux kernel version that includes the fix for the use-after-free in acpi_video_switch_brightness(). This fix involves calling cancel_delayed_work_sync() for each device's switch_brightness_work to ensure the work completes before memory is freed, preventing the use-after-free condition.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40211. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart