[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-39996":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":14,"duplicates":107,"related":108,"reserved_at":9,"published_at":127,"modified_at":128,"state":129,"summary":130,"references_raw":134,"kevs":173,"epss":174,"epss_history":177,"metrics":450,"affected":451},"CVE-2025-39996","In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove\n\nThe original code uses cancel_delayed_work() in flexcop_pci_remove(), which\ndoes not guarantee that the delayed work item irq_check_work has fully\ncompleted if it was already running. This leads to use-after-free scenarios\nwhere flexcop_pci_remove() may free the flexcop_device while irq_check_work\nis still active and attempts to dereference the device.\n\nA typical race condition is illustrated below:\n\nCPU 0 (remove)                         | CPU 1 (delayed work callback)\nflexcop_pci_remove()                   | flexcop_pci_irq_check_work()\n  cancel_delayed_work()                |\n  flexcop_device_kfree(fc_pci->fc_dev) |\n                                       |   fc = fc_pci->fc_dev; // UAF\n\nThis is confirmed by a KASAN report:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in __run_timer_base.part.0+0x7d7/0x8c0\nWrite of size 8 at addr ffff8880093aa8c8 by task bash/135\n...\nCall Trace:\n \u003CIRQ>\n dump_stack_lvl+0x55/0x70\n print_report+0xcf/0x610\n ? __run_timer_base.part.0+0x7d7/0x8c0\n kasan_report+0xb8/0xf0\n ? __run_timer_base.part.0+0x7d7/0x8c0\n __run_timer_base.part.0+0x7d7/0x8c0\n ? __pfx___run_timer_base.part.0+0x10/0x10\n ? __pfx_read_tsc+0x10/0x10\n ? ktime_get+0x60/0x140\n ? lapic_next_event+0x11/0x20\n ? clockevents_program_event+0x1d4/0x2a0\n run_timer_softirq+0xd1/0x190\n handle_softirqs+0x16a/0x550\n irq_exit_rcu+0xaf/0xe0\n sysvec_apic_timer_interrupt+0x70/0x80\n \u003C/IRQ>\n...\n\nAllocated by task 1:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7f/0x90\n __kmalloc_noprof+0x1be/0x460\n flexcop_device_kmalloc+0x54/0xe0\n flexcop_pci_probe+0x1f/0x9d0\n local_pci_probe+0xdc/0x190\n pci_device_probe+0x2fe/0x470\n really_probe+0x1ca/0x5c0\n __driver_probe_device+0x248/0x310\n driver_probe_device+0x44/0x120\n __driver_attach+0xd2/0x310\n bus_for_each_dev+0xed/0x170\n bus_add_driver+0x208/0x500\n driver_register+0x132/0x460\n do_one_initcall+0x89/0x300\n kernel_init_freeable+0x40d/0x720\n kernel_init+0x1a/0x150\n ret_from_fork+0x10c/0x1a0\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 135:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3a/0x60\n __kasan_slab_free+0x3f/0x50\n kfree+0x137/0x370\n flexcop_device_kfree+0x32/0x50\n pci_device_remove+0xa6/0x1d0\n device_release_driver_internal+0xf8/0x210\n pci_stop_bus_device+0x105/0x150\n pci_stop_and_remove_bus_device_locked+0x15/0x30\n remove_store+0xcc/0xe0\n kernfs_fop_write_iter+0x2c3/0x440\n vfs_write+0x871/0xd70\n ksys_write+0xee/0x1c0\n do_syscall_64+0xac/0x280\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the delayed work item is properly canceled and any executing delayed\nwork has finished before the device memory is deallocated.\n\nThis bug was initially identified through static analysis. To reproduce\nand test it, I simulated the B2C2 FlexCop PCI device in QEMU and introduced\nartificial delays within the flexcop_pci_irq_check_work() function to\nincrease the likelihood of triggering the bug.",null,[],[],[],[],[15,17,19,21,23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105],{"_key":16},"DLA-4379-1",{"_key":18},"DSA-6053-1",{"_key":20},"SUSE-SU-2025:4057-1",{"_key":22},"SUSE-SU-2025:4132-1",{"_key":24},"SUSE-SU-2025:4128-1",{"_key":26},"SUSE-SU-2025:4301-1",{"_key":28},"OPENSUSE-SU-2026:10301-1",{"_key":30},"SUSE-SU-2025:21040-1",{"_key":32},"SUSE-SU-2025:21052-1",{"_key":34},"SUSE-SU-2025:21056-1",{"_key":36},"SUSE-SU-2025:21064-1",{"_key":38},"SUSE-SU-2025:21080-1",{"_key":40},"SUSE-SU-2025:21147-1",{"_key":42},"SUSE-SU-2025:21180-1",{"_key":44},"SUSE-SU-2025:4141-1",{"_key":46},"SUSE-SU-2025:4140-1",{"_key":48},"OPENSUSE-SU-2025:15671-1",{"_key":50},"OPENSUSE-SU-2025:20091-1",{"_key":52},"MGASA-2025-0309",{"_key":54},"MGASA-2025-0310",{"_key":56},"USN-8033-1",{"_key":58},"USN-8033-2",{"_key":60},"USN-8033-3",{"_key":62},"USN-8033-4",{"_key":64},"USN-8033-5",{"_key":66},"USN-8033-6",{"_key":68},"USN-8033-7",{"_key":70},"USN-8033-8",{"_key":72},"USN-8034-1",{"_key":74},"USN-8034-2",{"_key":76},"DEBIAN-CVE-2025-39996",{"_key":78},"USN-8095-1",{"_key":80},"USN-8095-2",{"_key":82},"USN-8095-3",{"_key":84},"USN-8095-4",{"_key":86},"USN-8095-5",{"_key":88},"USN-8100-1",{"_key":90},"USN-8125-1",{"_key":92},"USN-8165-1",{"_key":94},"USN-8141-1",{"_key":96},"USN-8163-1",{"_key":98},"USN-8163-2",{"_key":100},"USN-8126-1",{"_key":102},"USN-8243-1",{"_key":104},"UBUNTU-CVE-2025-39996",{"_key":106},"USN-8261-1",[],[109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126],{"_key":20},{"_key":22},{"_key":24},{"_key":26},{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":54},"2025-10-15T07:58:21.049Z","2026-05-11T21:40:27.487Z","Deferred",{"cisa_kev":131,"cisa_ransomware":131,"cisa_vendor":9,"epss_severity":132,"epss_score":133,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":129},false,"low",0.00097,[135,141,145,149,153,157,161,165,169],{"url":136,"sources":137,"tags":140},"https://git.kernel.org/stable/c/607010d07b8a509b01ed15ea12744acac6536a98",[138,139],"cve.org","nvd",[],{"url":142,"sources":143,"tags":144},"https://git.kernel.org/stable/c/bde8173def374230226e8554efb51b271f4066ec",[138,139],[],{"url":146,"sources":147,"tags":148},"https://git.kernel.org/stable/c/120e221b4bbe9d0f6c09b5c4dc53ca4ad91d956b",[138,139],[],{"url":150,"sources":151,"tags":152},"https://git.kernel.org/stable/c/d502df8a716d993fa0f9d8c00684f1190750e28e",[138,139],[],{"url":154,"sources":155,"tags":156},"https://git.kernel.org/stable/c/bb10a9ddc8d6c5dbf098f21eb1055a652652e524",[138,139],[],{"url":158,"sources":159,"tags":160},"https://git.kernel.org/stable/c/514a519baa9e2be7ddc2714bd730bc5a883e1244",[138,139],[],{"url":162,"sources":163,"tags":164},"https://git.kernel.org/stable/c/3ffabc79388e68877d9c02f724a0b7a38d519daf",[138,139],[],{"url":166,"sources":167,"tags":168},"https://git.kernel.org/stable/c/6a92f5796880f5aa345f0fed53ef511e3fd6f706",[138,139],[],{"url":170,"sources":171,"tags":172},"https://git.kernel.org/stable/c/01e03fb7db419d39e18d6090d4873c1bff103914",[138,139],[],[],{"date":175,"score":133,"percentile":176},"2026-06-04",0.26782,[178,182,185,188,191,194,197,200,203,206,209,212,215,219,222,225,229,232,235,238,241,244,247,250,253,256,259,262,265,268,271,274,277,280,283,286,290,293,296,299,302,305,308,311,314,317,320,323,326,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,401,404,406,409,412,415,418,421,424,427,430,433,436,439,442,444,447],{"date":179,"score":180,"percentile":181},"2025-11-04",0.00043,0.12866,{"date":183,"score":180,"percentile":184},"2025-11-05",0.12891,{"date":186,"score":180,"percentile":187},"2025-11-06",0.1298,{"date":189,"score":180,"percentile":190},"2025-11-07",0.12993,{"date":192,"score":180,"percentile":193},"2025-11-08",0.12994,{"date":195,"score":180,"percentile":196},"2025-11-09",0.12968,{"date":198,"score":180,"percentile":199},"2025-11-10",0.12928,{"date":201,"score":180,"percentile":202},"2025-11-11",0.12942,{"date":204,"score":180,"percentile":205},"2025-11-12",0.12916,{"date":207,"score":180,"percentile":208},"2025-11-13",0.12934,{"date":210,"score":180,"percentile":211},"2025-11-14",0.12946,{"date":213,"score":180,"percentile":214},"2025-11-15",0.12939,{"date":216,"score":217,"percentile":218},"2025-11-16",0.00047,0.14407,{"date":220,"score":217,"percentile":221},"2025-11-17",0.14369,{"date":223,"score":217,"percentile":224},"2025-11-18",0.09828,{"date":226,"score":227,"percentile":228},"2025-11-19",0.00082,0.20184,{"date":230,"score":227,"percentile":231},"2025-11-20",0.20158,{"date":233,"score":227,"percentile":234},"2025-11-21",0.2448,{"date":236,"score":227,"percentile":237},"2025-11-22",0.24478,{"date":239,"score":227,"percentile":240},"2025-11-23",0.24428,{"date":242,"score":227,"percentile":243},"2025-11-24",0.24397,{"date":245,"score":227,"percentile":246},"2025-11-25",0.24386,{"date":248,"score":227,"percentile":249},"2025-11-26",0.24375,{"date":251,"score":227,"percentile":252},"2025-11-27",0.24372,{"date":254,"score":227,"percentile":255},"2025-11-28",0.24348,{"date":257,"score":227,"percentile":258},"2025-11-29",0.24334,{"date":260,"score":227,"percentile":261},"2025-11-30",0.24309,{"date":263,"score":227,"percentile":264},"2025-12-01",0.24354,{"date":266,"score":227,"percentile":267},"2025-12-02",0.24373,{"date":269,"score":227,"percentile":270},"2025-12-03",0.24384,{"date":272,"score":227,"percentile":273},"2025-12-04",0.24312,{"date":275,"score":227,"percentile":276},"2025-12-05",0.24361,{"date":278,"score":227,"percentile":279},"2025-12-06",0.24359,{"date":281,"score":227,"percentile":282},"2025-12-07",0.24323,{"date":284,"score":227,"percentile":285},"2025-12-08",0.24329,{"date":287,"score":288,"percentile":289},"2025-12-09",0.00068,0.21063,{"date":291,"score":288,"percentile":292},"2025-12-10",0.2114,{"date":294,"score":288,"percentile":295},"2025-12-11",0.21182,{"date":297,"score":288,"percentile":298},"2025-12-12",0.21196,{"date":300,"score":288,"percentile":301},"2025-12-13",0.21198,{"date":303,"score":288,"percentile":304},"2025-12-14",0.21166,{"date":306,"score":288,"percentile":307},"2025-12-15",0.21144,{"date":309,"score":288,"percentile":310},"2025-12-16",0.2117,{"date":312,"score":288,"percentile":313},"2025-12-17",0.21244,{"date":315,"score":288,"percentile":316},"2025-12-18",0.21327,{"date":318,"score":288,"percentile":319},"2025-12-19",0.21345,{"date":321,"score":288,"percentile":322},"2025-12-20",0.21322,{"date":324,"score":288,"percentile":325},"2025-12-21",0.21271,{"date":327,"score":328,"percentile":329},"2025-12-22",0.00071,0.22069,{"date":331,"score":328,"percentile":332},"2025-12-23",0.22066,{"date":334,"score":328,"percentile":335},"2025-12-24",0.22084,{"date":337,"score":328,"percentile":338},"2025-12-25",0.22166,{"date":340,"score":328,"percentile":341},"2025-12-26",0.22151,{"date":343,"score":328,"percentile":344},"2025-12-27",0.22162,{"date":346,"score":328,"percentile":347},"2025-12-28",0.22116,{"date":349,"score":328,"percentile":350},"2025-12-29",0.22082,{"date":352,"score":328,"percentile":353},"2025-12-30",0.22063,{"date":355,"score":328,"percentile":356},"2025-12-31",0.22119,{"date":358,"score":328,"percentile":359},"2026-01-01",0.22214,{"date":361,"score":328,"percentile":362},"2026-01-02",0.2221,{"date":364,"score":328,"percentile":365},"2026-01-03",0.22194,{"date":367,"score":328,"percentile":368},"2026-01-04",0.22094,{"date":370,"score":328,"percentile":371},"2026-01-05",0.22088,{"date":373,"score":328,"percentile":374},"2026-01-06",0.22102,{"date":376,"score":328,"percentile":377},"2026-01-07",0.22141,{"date":379,"score":328,"percentile":380},"2026-01-08",0.22195,{"date":382,"score":328,"percentile":383},"2026-01-09",0.22185,{"date":385,"score":328,"percentile":386},"2026-01-10",0.22179,{"date":388,"score":328,"percentile":389},"2026-01-11",0.22145,{"date":391,"score":328,"percentile":392},"2026-01-12",0.22112,{"date":394,"score":328,"percentile":395},"2026-01-13",0.2209,{"date":397,"score":328,"percentile":398},"2026-01-14",0.22154,{"date":400,"score":328,"percentile":341},"2026-01-15",{"date":402,"score":328,"percentile":403},"2026-01-16",0.22176,{"date":405,"score":328,"percentile":403},"2026-01-17",{"date":407,"score":328,"percentile":408},"2026-01-18",0.22123,{"date":410,"score":328,"percentile":411},"2026-01-19",0.22075,{"date":413,"score":328,"percentile":414},"2026-01-20",0.22047,{"date":416,"score":328,"percentile":417},"2026-01-21",0.22004,{"date":419,"score":328,"percentile":420},"2026-01-22",0.21986,{"date":422,"score":328,"percentile":423},"2026-01-23",0.22074,{"date":425,"score":328,"percentile":426},"2026-01-24",0.22091,{"date":428,"score":328,"percentile":429},"2026-01-25",0.22015,{"date":431,"score":328,"percentile":432},"2026-01-26",0.21905,{"date":434,"score":328,"percentile":435},"2026-01-27",0.21892,{"date":437,"score":328,"percentile":438},"2026-01-28",0.21898,{"date":440,"score":328,"percentile":441},"2026-01-29",0.21851,{"date":443,"score":328,"percentile":441},"2026-01-30",{"date":445,"score":328,"percentile":446},"2026-01-31",0.21859,{"date":448,"score":328,"percentile":449},"2026-02-01",0.219,[],[452],{"ecosystem":9,"name":453,"vendor":454,"product":454,"cpe_part":455,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":456},"Linux","linux","a",[457,464,467,470,473,476,479,482,485,488],{"version":458,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":462,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C 607010d07b8a509b01ed15ea12744acac6536a98",true,"382c5546d618f24dc7d6ae7ca33412083720efbf","including","607010d07b8a509b01ed15ea12744acac6536a98","excluding",{"version":465,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":466,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C bde8173def374230226e8554efb51b271f4066ec","bde8173def374230226e8554efb51b271f4066ec",{"version":468,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":469,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C 120e221b4bbe9d0f6c09b5c4dc53ca4ad91d956b","120e221b4bbe9d0f6c09b5c4dc53ca4ad91d956b",{"version":471,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":472,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C d502df8a716d993fa0f9d8c00684f1190750e28e","d502df8a716d993fa0f9d8c00684f1190750e28e",{"version":474,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":475,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C bb10a9ddc8d6c5dbf098f21eb1055a652652e524","bb10a9ddc8d6c5dbf098f21eb1055a652652e524",{"version":477,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":478,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C 514a519baa9e2be7ddc2714bd730bc5a883e1244","514a519baa9e2be7ddc2714bd730bc5a883e1244",{"version":480,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":481,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C 3ffabc79388e68877d9c02f724a0b7a38d519daf","3ffabc79388e68877d9c02f724a0b7a38d519daf",{"version":483,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":484,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C 6a92f5796880f5aa345f0fed53ef511e3fd6f706","6a92f5796880f5aa345f0fed53ef511e3fd6f706",{"version":486,"is_range":459,"range_type":138,"version_start":460,"version_start_type":461,"version_end":487,"version_end_type":463,"fixed_in":9},">= 382c5546d618f24dc7d6ae7ca33412083720efbf, \u003C 01e03fb7db419d39e18d6090d4873c1bff103914","01e03fb7db419d39e18d6090d4873c1bff103914",{"version":489,"is_range":131,"range_type":138,"version_start":489,"version_start_type":461,"version_end":489,"version_end_type":461,"fixed_in":9},"2.6.29"]