PT-2025-42270 · Linux+4 · Linux Kernel+4

Published

2025-09-17

·

Updated

2026-05-07

·

CVE-2025-39996

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a use-after-free flaw within the b2c2 component, specifically in the flexcop pci remove function. The issue arises because cancel delayed work() does not guarantee completion of the irq check work delayed work item before the flexcop device is freed, leading to a potential dereference of freed memory. A race condition can occur where flexcop pci remove() frees the device while irq check work() is still active. This was identified through static analysis and confirmed by a KASAN report. The root cause is the use of cancel delayed work() instead of cancel delayed work sync(), which ensures the delayed work item finishes before memory deallocation.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-02703
CVE-2025-39996
DLA-4379-1
DLA-4404-1
DSA-6053-1
ECHO-A12E-14F0-99F2
MGASA-2025-0309
MGASA-2025-0310
OPENSUSE-SU-2025:15671-1
OPENSUSE-SU-2025:20091-1
OPENSUSE-SU-2026:10301-1
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:21080-1
SUSE-SU-2025:21147-1
SUSE-SU-2025:21180-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1
USN-8033-1
USN-8033-2
USN-8033-3
USN-8033-4
USN-8033-5
USN-8033-6
USN-8033-7
USN-8033-8
USN-8034-1
USN-8034-2
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Suse
Ubuntu