Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fixed a Use-after-Free error in dm9000drvremove. dm is private data for netdev, and it cannot be used after the freenetdev call. Using dm after freenetdev can cause a Use-after-Free bug. This issue was fixed by movi...

ROS-20260119-7317

A vulnerability in the dm9000drvremove function of the drivers/net/ethernet/davicom/dm9000.c module - driver supporting Ethernet Davicom network adapters of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the...

EUVD-2025-5225

Malicious code in bioql PyPI...

net: davicom: fix UAF in dm9000_drv_remove

...

Vulnerability of the dm9000_drv_remove() function in the drivers/net/ethernet/davicom/dm9000.c module – This driver provides support for Ethernet adapter devices in Linux operating systems. It can be exploited by attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the dm9000drvremove function in the drivers/net/ethernet/davicom/dm9000.c module – The Ethernet adapter driver from Davicom’s Linux kernel has a vulnerability related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromi...

SUSE CVE-2025-21715

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000drvremove dm is netdev private data and it cannot be used after freenetdev call. Using dm after freenetdev can cause UAF bug. Fix it by moving freenetdev at the end of the function. This is similar ...

DEBIAN-CVE-2025-21715

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000drvremove dm is netdev private data and it cannot be used after freenetdev call. Using dm after freenetdev can cause UAF bug. Fix it by moving freenetdev at the end of the function. This is similar ...

CVE-2025-21715

CVE-2025-21715 is reported in the Astra Linux bulletin as a Linux kernel issue affecting the davicom net driver. The root cause is a use-after-free (UAF) of the netdev private data stored in the dm object inside dm9000_drv_remove. The code can dereference dm after free_netdev() has been called, l...

CVE-2025-21715 net: davicom: fix UAF in dm9000_drv_remove

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000drvremove dm is netdev private data and it cannot be used after freenetdev call. Using dm after freenetdev can cause UAF bug. Fix it by moving freenetdev at the end of the function. This is similar ...

Unbreakable Enterprise kernel-container security update

5.4.17-2102.203.5 - rds/ib: move rdsibclearirqmiss to .h file Manjunath Patil Orabug: 33044344 5.4.17-2102.203.4 - rds/ib: recover rds connection from interrupt loss scenario Manjunath Patil Orabug: 32974199 - Revert 'Allow mce to reset instead of panic on UE' William Roche Orabug: 32820275 - bpf...