CVE-2025-22097

HIGH EPSS 6.7%
Published Apr 16, 20251y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Apr 16, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it. Fix both possible errors by initializing default_config only when the driver initialization succeeded.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
6.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥5.12  –  <5.15.180
linuxlinux_kernel*≥5.16  –  <6.1.134
linuxlinux_kernel*≥6.2  –  <6.6.87
linuxlinux_kernel*≥6.7  –  <6.12.23
linuxlinux_kernel*≥6.13  –  <6.13.11
linuxlinux_kernel*≥6.14  –  <6.14.2

References 8

  • git.kernel.org https://git.kernel.org/stable/c/1f68f1cf09d06061eb549726ff8339e064eddebd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49a69f67f53518bdd9b7eeebf019a2da6cc0e954
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/561fc0c5cf41f646f3e9e61784cbc0fc832fb936
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79d138d137b80eeb0a83244d1cff29e64cf91067
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b8a18bb53e06d6d3c1fd03d12533d6e333ba8853
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d5eb8e347905ab17788a7903fa1d3d06747355f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed15511a773df86205bda66c37193569575ae828
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1f68f1cf09d06061eb549726ff8339e064eddebd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49a69f67f53518bdd9b7eeebf019a2da6cc0e954
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/561fc0c5cf41f646f3e9e61784cbc0fc832fb936
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79d138d137b80eeb0a83244d1cff29e64cf91067
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b8a18bb53e06d6d3c1fd03d12533d6e333ba8853
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d5eb8e347905ab17788a7903fa1d3d06747355f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed15511a773df86205bda66c37193569575ae828
    Patch