Volerion logoVolerion
Volerion logoVolerion

Linux Kernel fsl_lpuart DMA Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's handling of the fsl_lpuart serial driver. This issue arises because the lpuart_dma_shutdown function, which is responsible for disabling DMA operations, does not properly manage the DMA use flags. As a result, if the lpuart_flush_buffer function is called while the DMA is being torn down, it can lead to a kernel panic. The vulnerability affects several versions of the Linux kernel, including 5.15.32 and prior versions in the 5.15 series.

Impact

Exploitation of this vulnerability can cause a kernel panic, leading to a system crash.

Reproduction

To reproduce this vulnerability, use the btattach command to attach a Bluetooth device to the fsl_lpuart driver. While the attachment process is ongoing, interrupt the command (for example, by pressing Ctrl+C). This action will trigger the kernel panic, demonstrating the use-after-free vulnerability.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version to mitigate this issue.

Added: Sep 18, 2025, 4:22 PM
Updated: Sep 18, 2025, 4:22 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
0.5
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.