We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-38137

PCI/pwrctrl: Cancel outstanding rescan work when unregistering



Description

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering It's possible to trigger use-after-free here by: (a) forcing rescan_work_func() to take a long time and (b) utilizing a pwrctrl driver that may be unloaded for some reason Cancel outstanding work to ensure it is finished before we allow our data structures to be cleaned up. [bhelgaas: tidy commit log]

Reserved 2025-04-16 | Published 2025-07-03 | Updated 2025-07-03 | Assigner Linux

Product status

Default status
unaffected

8f62819aaace77dd85037ae766eb767f8c4417ce before b3ad6d23fec23fbef382ce9ea640c37446593cf5
affected

8f62819aaace77dd85037ae766eb767f8c4417ce before 8b926f237743f020518162c62b93cb7107a2b5eb
affected

Default status
affected

6.11
affected

Any version before 6.11
unaffected

6.15.3
unaffected

6.16-rc1
unaffected

References

git.kernel.org/...c/b3ad6d23fec23fbef382ce9ea640c37446593cf5

git.kernel.org/...c/8b926f237743f020518162c62b93cb7107a2b5eb

cve.org (CVE-2025-38137)

nvd.nist.gov (CVE-2025-38137)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-38137

Support options

Helpdesk Chat, Email, Knowledgebase