VDB

CVE-2025-39740

CVE-2025-39740 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent potential UAF If we hit the error path, the previous fence (if there is one) has already been put() prior to this, so doing a fence_wait could lead to UAF. Tweak the flow to do to the put() until after we do the wait. (cherry picked from commit 9b7ca35ed28fe5fad86e9d9c24ebd1271e4c9c3e)

EPSS 0.03% · 7.8th percentile

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.03%
7.8th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel6.16, 6.16, 6.16
LinuxLinux270172f64b114451876c1b68912653e72ab99f38, 270172f64b114451876c1b68912653e72ab99f38, 6.16

Timeline

  • Jan 21, 1970 Security Advisory
  • Sep 11, 2025 Coalition ESS Score
  • Sep 11, 2025 CVE Published
  • Sep 12, 2025 EPSS Score
  • Sep 19, 2025 EPSS Score
  • Sep 26, 2025 EPSS Score
  • Oct 4, 2025 EPSS Score
  • Oct 4, 2025 Coalition ESS Score
  • Oct 6, 2025 Coalition ESS Score
  • Oct 11, 2025 EPSS Score
  • Oct 12, 2025 Coalition ESS Score
  • Oct 16, 2025 Coalition ESS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›