{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-39951","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.148Z","datePublished":"2025-10-04T07:31:11.684Z","dateUpdated":"2026-05-11T21:39:34.768Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:39:34.768Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\num: virtio_uml: Fix use-after-free after put_device in probe\n\nWhen register_virtio_device() fails in virtio_uml_probe(),\nthe code sets vu_dev->registered = 1 even though\nthe device was not successfully registered.\nThis can lead to use-after-free or other issues."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/um/drivers/virtio_uml.c"],"versions":[{"version":"04e5b1fb01834a602acaae2276b67a783a8c6159","lessThan":"14c231959a16ca41bfdcaede72483362a8c645d7","status":"affected","versionType":"git"},{"version":"04e5b1fb01834a602acaae2276b67a783a8c6159","lessThan":"5e94e44c9cb30d7a383d8ac227f24a8c9326b770","status":"affected","versionType":"git"},{"version":"04e5b1fb01834a602acaae2276b67a783a8c6159","lessThan":"aaf900a83508c8cd5cdf765e7749f9076196ec7f","status":"affected","versionType":"git"},{"version":"04e5b1fb01834a602acaae2276b67a783a8c6159","lessThan":"4f364023ddcfe83f7073b973a9cb98584b7f2a46","status":"affected","versionType":"git"},{"version":"04e5b1fb01834a602acaae2276b67a783a8c6159","lessThan":"00e98b5a69034b251bb36dc6e7123d7648e218e4","status":"affected","versionType":"git"},{"version":"04e5b1fb01834a602acaae2276b67a783a8c6159","lessThan":"c2ff91255e0157b356cff115d8dc3eeb5162edf2","status":"affected","versionType":"git"},{"version":"04e5b1fb01834a602acaae2276b67a783a8c6159","lessThan":"7ebf70cf181651fe3f2e44e95e7e5073d594c9c0","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/um/drivers/virtio_uml.c"],"versions":[{"version":"5.5","status":"affected"},{"version":"0","lessThan":"5.5","status":"unaffected","versionType":"semver"},{"version":"5.10.245","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.194","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.154","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.108","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.49","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.16.9","lessThanOrEqual":"6.16.*","status":"unaffected","versionType":"semver"},{"version":"6.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.245"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.15.194"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.1.154"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.6.108"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.12.49"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.16.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/14c231959a16ca41bfdcaede72483362a8c645d7"},{"url":"https://git.kernel.org/stable/c/5e94e44c9cb30d7a383d8ac227f24a8c9326b770"},{"url":"https://git.kernel.org/stable/c/aaf900a83508c8cd5cdf765e7749f9076196ec7f"},{"url":"https://git.kernel.org/stable/c/4f364023ddcfe83f7073b973a9cb98584b7f2a46"},{"url":"https://git.kernel.org/stable/c/00e98b5a69034b251bb36dc6e7123d7648e218e4"},{"url":"https://git.kernel.org/stable/c/c2ff91255e0157b356cff115d8dc3eeb5162edf2"},{"url":"https://git.kernel.org/stable/c/7ebf70cf181651fe3f2e44e95e7e5073d594c9c0"}],"title":"um: virtio_uml: Fix use-after-free after put_device in probe","x_generator":{"engine":"bippy-1.2.0"}}}}