PT-2025-44381 · Unknown+4 · Ixgbe Driver+4

Published 2025-10-13 · Updated 2026-03-07

CVE-2025-40091

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.17.0-rc2-tnguy.net-queue+

Description

A use-after-free issue exists in the Linux kernel's ixgbe driver. Specifically, the devlink_free() function is called prematurely within the ixgbe_remove() path. This occurs because the ixgbe adapter is embedded within devlink, and freeing it too early can lead to a use-after-free condition. The issue was identified through a Kernel Address Sanitizer (KASAN) report during testing. The vulnerable function is ixgbe_reset_interrupt_capability().

Recommendations

Update to a version of the Linux kernel newer than 6.17.0-rc2-tnguy.net-queue+.

Exploit

Fix

Use After Free

Buffer Overflow


Weakness Enumeration

Related Identifiers

BDU:2026-03693
CVE-2025-40091
OPENSUSE-SU-2025:15702-1
OPENSUSE-SU-2025:20091-1
OPENSUSE-SU-2026:10301-1
SUSE-SU-2025:21080-1
SUSE-SU-2025:21147-1
SUSE-SU-2025:21180-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1

Affected Products

Linuxmint
Linux Kernel
Suse
Ubuntu
Ixgbe Driver