Linux Kernel Use-After-Free Vulnerability in Davicom DM9000 Driver

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's Davicom DM9000 network driver. The driver's private data, referred to as 'dm', is accessed after the associated network device has been freed. The vulnerability has been addressed by modifying the driver's removal process so that the network device is not freed until all necessary operations are complete. This issue was detected through static analysis.
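The ordering problem described above, as an added userspace model (not the driver's code and not part of the original advisory). All names are hypothetical, and the model assumes the private data is part of the device's own allocation, as is usual for Linux network drivers; a static slot filled with a poison byte stands in for the freed memory.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POISON_FREE 0x6b  /* pattern written over "freed" memory in this model */

/* Hypothetical stand-ins: model_priv plays the role of 'dm'. */
struct model_priv   { uint32_t resource_id; };
struct model_netdev { int registered; struct model_priv priv; };

/* A static slot replaces the heap so the stale read below stays defined C. */
static struct model_netdev slot;

static struct model_netdev *model_alloc(uint32_t resource_id) {
    memset(&slot, 0, sizeof slot);
    slot.registered = 1;
    slot.priv.resource_id = resource_id;
    return &slot;
}

/* Assumption: private data shares the device allocation, so it dies with it. */
static void model_free(struct model_netdev *nd) {
    memset(nd, POISON_FREE, sizeof *nd);
}

/* Ordering described as the bug: device freed first, then 'dm' is read. */
static uint32_t remove_buggy(struct model_netdev *nd) {
    struct model_priv *dm = &nd->priv;
    nd->registered = 0;
    model_free(nd);
    return dm->resource_id;          /* stale read returns the poison pattern */
}

/* Ordering described as the fix: finish with 'dm', free the device last. */
static uint32_t remove_fixed(struct model_netdev *nd) {
    struct model_priv *dm = &nd->priv;
    uint32_t id = dm->resource_id;   /* last use of the private data */
    nd->registered = 0;
    model_free(nd);
    return id;
}

int main(void) {
    printf("buggy: 0x%08x\n", (unsigned)remove_buggy(model_alloc(42)));
    printf("fixed: 0x%08x\n", (unsigned)remove_fixed(model_alloc(42)));
    return 0;
}
```

In review, the pattern to look for is any dereference of the private-data pointer that follows the call releasing the device in a removal or error path.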

Impact

The use-after-free condition can potentially lead to memory corruption or arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.