CVE-2025-40223
In CVE-2025-40223, the Linux kernel MOST/hdm_disconnect path could suffer use-after-free or double-free when unregistering the MOST interface device. The fix relocates frees of mdev-owned allocations into release_mdev() so they run once when the device is truly released, and removes redundant put...