CVE-2025-39984

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained a use-after-free issue identified through syzbot reporting. The issue occurs after commit e6d5dbdd20aa, which added multi-buff support for XDP running in generic mode. Specifically, the original skb may be freed in skb pp cow data() when an XDP program is attached, while the napi->skb still points to the original skb. This occurs because the napi->skb is not updated after the XDP process. The vulnerability is related to the tun get user() function and impacts network packet processing. The issue was identified through KASAN (Kernel Address Sanitizer) reports, indicating a slab-use-after-free condition in functions such as skb reset mac header, napi frags skb, and napi gro frags.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.