CVE-2025-39872

🗓️ 23 Sep 2025 06:00:45Reported by LinuxType

CVE-2025-39872 fixes holding rcu and device lock in hsr_get_port_ndev to prevent use after free.

Reporter	Title	Published	Views	Family All 20
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
CNNVD	Linux kernel 安全漏洞	23 Sep 202500:00	–	cnnvd
Cvelist	CVE-2025-39872 hsr: hold rcu and dev lock for hsr_get_port_ndev	23 Sep 202506:00	–	cvelist
Debian	[SECURITY] [DSA 6126-1] linux security update	9 Feb 202618:21	–	debian
Debian CVE	CVE-2025-39872	23 Sep 202506:00	–	debiancve
Tenable Nessus	Debian dsa-6126 : ata-modules-6.12.31-armmp-di - security update	9 Feb 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2025-39872	25 Sep 202500:00	–	nessus
EUVD	EUVD-2025-30859	3 Oct 202520:07	–	euvd
NVD	CVE-2025-39872	23 Sep 202506:15	–	nvd
OpenVAS	Debian: Security Advisory (DSA-6126-1)	10 Feb 202600:00	–	openvas

NVD

Vulners

CNA

Node

linux linux_kernelRange6.14–6.16.8

linux linux_kernelMatch6.17rc1

linux linux_kernelMatch6.17rc2

linux linux_kernelMatch6.17rc3

linux linux_kernelMatch6.17rc4

linux linux_kernelMatch6.17rc5

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/ti/icssg/icssg_prueth.c",
      "net/hsr/hsr_device.c"
    ],
    "versions": [
      {
        "version": "ef964411c8ca775967355d855abc56aeaca3c867",
        "lessThan": "9433ba79c2ec3ec7c9a711748701549339c3438c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9c10dd8eed74de9e8adeb820939f8745cd566d4a",
        "lessThan": "68a6729afd3e8e9a2a32538642ce92b96ccf9b1d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9c10dd8eed74de9e8adeb820939f8745cd566d4a",
        "lessThan": "847748fc66d08a89135a74e29362a66ba4e3ab15",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6.12.63",
        "lessThan": "6.12.64",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/ti/icssg/icssg_prueth.c",
      "net/hsr/hsr_device.c"
    ],
    "versions": [
      {
        "version": "6.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.14",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.64",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.16.8",
        "lessThanOrEqual": "6.16.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.17",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/9433ba79c2ec3ec7c9a711748701549339c3438c
git	www.git.kernel.org/stable/c/68a6729afd3e8e9a2a32538642ce92b96ccf9b1d
git	www.git.kernel.org/stable/c/847748fc66d08a89135a74e29362a66ba4e3ab15

23 May 2026 16:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.15.5

EPSS0.00024