CVE-2025-40037

CVSS v2.0

7.7

High

Vector

AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.3

Description The Linux kernel contains a use-after-free flaw within the simplefb driver, specifically in the simplefb detach genpds() function. This issue arises because the pm domain cleanup is not properly managed as devres, leading to access of an invalid pointer after the device is removed. The flaw was triggered during aperture removal on M2 Mac mini systems running the asahi kernel with Debian's kernel configuration, consistently causing a kernel crash starting with version 6.16.3. The issue involves a double free of memory associated with the framebuffer device.

Recommendations Update to a version of the Linux kernel newer than 6.16.3.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-02776

CVE-2025-40037

OPENSUSE-SU-2025:15702-1

OPENSUSE-SU-2025:20091-1

OPENSUSE-SU-2026:10301-1

SUSE-SU-2025:21080-1

SUSE-SU-2025:21147-1

SUSE-SU-2025:21180-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

M2 Mac Mini

Suse

Ubuntu

Asahi Kernel

CVE-2025-40037

Weakness Enumeration

Related Identifiers

Affected Products

References · 2747