CVE-2025-39872 hsr: hold rcu and dev lock for hsr_get_port_ndev

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

PT-2025-39129

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to resource handling within the hsr subsystem. Specifically, the hsr get port ndev function does not properly manage locks, potentially leading ...