U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2025-37838 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition In the ssi_protocol_probe() function, &ssi->work is bound with ssip_xmit_work(), In ssip_pn_setup(), the ssip_pn_xmit() function within the ssip_pn_ops structure is capable of starting the work. If we remove the module which will call ssi_protocol_remove() to make a cleanup, it will free ssi through kfree(ssi), while the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | ssip_xmit_work ssi_protocol_remove | kfree(ssi); | | struct hsi_client *cl = ssi->cl; | // use ssi Fix it by ensuring that the work is canceled before proceeding with the cleanup in ssi_protocol_remove().


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/4a8c29beb8a02b5a0a9d77d608aa14b6f88a6b86 kernel.org
https://git.kernel.org/stable/c/4b4194c9a7a8f92db39e8e86c85f4fb12ebbec4f kernel.org Patch 
https://git.kernel.org/stable/c/58eb29dba712ab0f13af59ca2fe545f5ce360e78 kernel.org Patch 
https://git.kernel.org/stable/c/72972552d0d0bfeb2dec5daf343a19018db36ffa kernel.org
https://git.kernel.org/stable/c/834e602d0cc7c743bfce734fad4a46cefc0f9ab1 kernel.org Patch 
https://git.kernel.org/stable/c/ae5a6a0b425e8f76a9f0677e50796e494e89b088 kernel.org Patch 
https://git.kernel.org/stable/c/d03abc1c2b21324550fa71e12d53e7d3498e0af6 kernel.org
https://git.kernel.org/stable/c/d58493832e284f066e559b8da5ab20c15a2801d3 kernel.org Patch 
https://git.kernel.org/stable/c/e3f88665a78045fe35c7669d2926b8d97b892c11 kernel.org Patch 
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html CVE
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html CVE

Weakness Enumeration

CWE-ID CWE Name Source
CWE-416 Use After Free CISA-ADP  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

7 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2025-37838
NVD Published Date:
04/18/2025
NVD Last Modified:
11/03/2025
Source:
kernel.org