PT-2025-49445 · Linux+4 · Linux Kernel+4

Published

2025-10-28

·

Updated

2026-03-24

·

CVE-2025-40316

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw exists in the Linux kernel’s drm/mediatek subsystem that could lead to a use-after-free condition during device unbinding. A recent fix for device reference leaks during bind operations did not fully address the issue, leaving a reference imbalance on component bind failures and unbind. This imbalance could result in a use-after-free scenario. The issue stems from incorrectly dropping references after retrieving driver data, effectively reverting a previous partial fix. Holding a reference to a device does not prevent its driver data from being released, making the reference unnecessary.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-02390
CVE-2025-40316
MGASA-2026-0017
MGASA-2026-0018
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu
Mediatek