PT-2025-18409 · Linux+5 · Linux Kernel+5

Anubis

·

Published

2025-03-24

·

Updated

2026-05-26

·

CVE-2025-23155

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A memory corruption issue has been identified in the Linux kernel, specifically in the stmmac driver. The problem arises from accessing a freed irq affinity hint, which is caused by the cpumask being a local variable. Its pointer is saved to irq desc and may be accessed from procfs. To address this, the persistent mask cpumask of(cpu#) should be used instead.
Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for accessing freed irq affinity hint in the stmmac driver. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-62601
AZL-69668
BDU:2026-02375
CVE-2025-23155
ECHO-F5A6-1596-007F
OESA-2025-1878
OESA-2025-1879
OESA-2025-1880
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20421-1
SUSE-SU-2025:3716-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu