[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-40002":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":14,"duplicates":33,"related":34,"reserved_at":9,"published_at":37,"modified_at":38,"state":39,"summary":40,"references_raw":44,"kevs":55,"epss":56,"epss_history":59,"metrics":328,"affected":329},"CVE-2025-40002","In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Fix use-after-free in tb_dp_dprx_work\n\nThe original code relies on cancel_delayed_work() in tb_dp_dprx_stop(),\nwhich does not ensure that the delayed work item tunnel->dprx_work has\nfully completed if it was already running. This leads to use-after-free\nscenarios where tb_tunnel is deallocated by tb_tunnel_put(), while\ntunnel->dprx_work remains active and attempts to dereference tb_tunnel\nin tb_dp_dprx_work().\n\nA typical race condition is illustrated below:\n\nCPU 0                            | CPU 1\ntb_dp_tunnel_active()            |\n  tb_deactivate_and_free_tunnel()| tb_dp_dprx_start()\n    tb_tunnel_deactivate()       |   queue_delayed_work()\n      tb_dp_activate()           |\n        tb_dp_dprx_stop()        | tb_dp_dprx_work() //delayed worker\n          cancel_delayed_work()  |\n    tb_tunnel_put(tunnel);       |\n                                 |   tunnel = container_of(...); //UAF\n                                 |   tunnel-> //UAF\n\nReplacing cancel_delayed_work() with cancel_delayed_work_sync() is\nnot feasible as it would introduce a deadlock: both tb_dp_dprx_work()\nand the cleanup path acquire tb->lock, and cancel_delayed_work_sync()\nwould wait indefinitely for the work item that cannot proceed.\n\nInstead, implement proper reference counting:\n- If cancel_delayed_work() returns true (work is pending), we release\n  the reference in the stop function.\n- If it returns false (work is executing or already completed), the\n  reference is released in delayed work function itself.\n\nThis ensures the tb_tunnel remains valid during work item execution\nwhile preventing memory leaks.\n\nThis bug was found by static analysis.",null,[],[],[],[],[15,17,19,21,23,25,27,29,31],{"_key":16},"OPENSUSE-SU-2026:10301-1",{"_key":18},"OPENSUSE-SU-2025:15671-1",{"_key":20},"USN-8029-1",{"_key":22},"USN-8029-2",{"_key":24},"USN-8029-3",{"_key":26},"USN-8030-1",{"_key":28},"DEBIAN-CVE-2025-40002",{"_key":30},"UBUNTU-CVE-2025-40002",{"_key":32},"USN-8048-1",[],[35,36],{"_key":16},{"_key":18},"2025-10-18T08:03:22.718Z","2026-05-11T21:40:34.575Z","Deferred",{"cisa_kev":41,"cisa_ransomware":41,"cisa_vendor":9,"epss_severity":42,"epss_score":43,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":39},false,"low",0.00032,[45,51],{"url":46,"sources":47,"tags":50},"https://git.kernel.org/stable/c/c07923f6a8729fc27ee652221a51702ff6654097",[48,49],"cve.org","nvd",[],{"url":52,"sources":53,"tags":54},"https://git.kernel.org/stable/c/67600ccfc4f38ebd331b9332ac94717bfbc87ea7",[48,49],[],[],{"date":57,"score":43,"percentile":58},"2026-06-04",0.09583,[60,64,67,70,73,76,79,82,84,87,90,93,96,99,102,105,109,112,115,118,121,124,127,130,132,135,138,140,143,146,149,152,155,158,161,164,167,170,173,176,179,182,185,188,191,194,197,200,203,206,209,212,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,266,269,272,275,278,281,284,287,290,293,296,299,302,305,308,311,314,317,320,322,325],{"date":61,"score":62,"percentile":63},"2025-11-04",0.00025,0.05598,{"date":65,"score":62,"percentile":66},"2025-11-05",0.05602,{"date":68,"score":62,"percentile":69},"2025-11-06",0.05722,{"date":71,"score":62,"percentile":72},"2025-11-07",0.05735,{"date":74,"score":62,"percentile":75},"2025-11-08",0.05734,{"date":77,"score":62,"percentile":78},"2025-11-09",0.05728,{"date":80,"score":62,"percentile":81},"2025-11-10",0.05705,{"date":83,"score":62,"percentile":72},"2025-11-11",{"date":85,"score":62,"percentile":86},"2025-11-12",0.05781,{"date":88,"score":62,"percentile":89},"2025-11-13",0.05815,{"date":91,"score":62,"percentile":92},"2025-11-14",0.05848,{"date":94,"score":62,"percentile":95},"2025-11-15",0.05874,{"date":97,"score":62,"percentile":98},"2025-11-16",0.05889,{"date":100,"score":62,"percentile":101},"2025-11-17",0.05875,{"date":103,"score":62,"percentile":104},"2025-11-18",0.03487,{"date":106,"score":107,"percentile":108},"2025-11-19",0.00028,0.04058,{"date":110,"score":107,"percentile":111},"2025-11-20",0.04114,{"date":113,"score":107,"percentile":114},"2025-11-21",0.06822,{"date":116,"score":107,"percentile":117},"2025-11-22",0.0681,{"date":119,"score":107,"percentile":120},"2025-11-23",0.06794,{"date":122,"score":107,"percentile":123},"2025-11-24",0.06775,{"date":125,"score":107,"percentile":126},"2025-11-25",0.06776,{"date":128,"score":107,"percentile":129},"2025-11-26",0.06779,{"date":131,"score":107,"percentile":126},"2025-11-27",{"date":133,"score":107,"percentile":134},"2025-11-28",0.06763,{"date":136,"score":107,"percentile":137},"2025-11-29",0.06802,{"date":139,"score":107,"percentile":137},"2025-11-30",{"date":141,"score":107,"percentile":142},"2025-12-01",0.06851,{"date":144,"score":107,"percentile":145},"2025-12-02",0.0686,{"date":147,"score":107,"percentile":148},"2025-12-03",0.06875,{"date":150,"score":107,"percentile":151},"2025-12-04",0.0685,{"date":153,"score":107,"percentile":154},"2025-12-05",0.06895,{"date":156,"score":107,"percentile":157},"2025-12-06",0.06906,{"date":159,"score":107,"percentile":160},"2025-12-07",0.06905,{"date":162,"score":107,"percentile":163},"2025-12-08",0.06914,{"date":165,"score":107,"percentile":166},"2025-12-09",0.06971,{"date":168,"score":107,"percentile":169},"2025-12-10",0.07045,{"date":171,"score":107,"percentile":172},"2025-12-11",0.07066,{"date":174,"score":107,"percentile":175},"2025-12-12",0.07065,{"date":177,"score":107,"percentile":178},"2025-12-13",0.07073,{"date":180,"score":107,"percentile":181},"2025-12-14",0.07063,{"date":183,"score":107,"percentile":184},"2025-12-15",0.07022,{"date":186,"score":107,"percentile":187},"2025-12-16",0.07057,{"date":189,"score":107,"percentile":190},"2025-12-17",0.07146,{"date":192,"score":107,"percentile":193},"2025-12-18",0.07212,{"date":195,"score":107,"percentile":196},"2025-12-19",0.07211,{"date":198,"score":107,"percentile":199},"2025-12-20",0.07202,{"date":201,"score":107,"percentile":202},"2025-12-21",0.07189,{"date":204,"score":107,"percentile":205},"2025-12-22",0.07145,{"date":207,"score":107,"percentile":208},"2025-12-23",0.07144,{"date":210,"score":107,"percentile":211},"2025-12-24",0.07164,{"date":213,"score":214,"percentile":215},"2025-12-25",0.00029,0.07649,{"date":217,"score":214,"percentile":218},"2025-12-26",0.07655,{"date":220,"score":214,"percentile":221},"2025-12-27",0.07644,{"date":223,"score":214,"percentile":224},"2025-12-28",0.07656,{"date":226,"score":214,"percentile":227},"2025-12-29",0.07637,{"date":229,"score":214,"percentile":230},"2025-12-30",0.07607,{"date":232,"score":214,"percentile":233},"2025-12-31",0.0765,{"date":235,"score":214,"percentile":236},"2026-01-01",0.07722,{"date":238,"score":214,"percentile":239},"2026-01-02",0.0772,{"date":241,"score":214,"percentile":242},"2026-01-03",0.07726,{"date":244,"score":214,"percentile":245},"2026-01-04",0.07652,{"date":247,"score":214,"percentile":248},"2026-01-05",0.07602,{"date":250,"score":214,"percentile":251},"2026-01-06",0.07593,{"date":253,"score":214,"percentile":254},"2026-01-07",0.07625,{"date":256,"score":214,"percentile":257},"2026-01-08",0.07699,{"date":259,"score":214,"percentile":260},"2026-01-09",0.0771,{"date":262,"score":214,"percentile":263},"2026-01-10",0.07733,{"date":265,"score":214,"percentile":239},"2026-01-11",{"date":267,"score":214,"percentile":268},"2026-01-12",0.07695,{"date":270,"score":214,"percentile":271},"2026-01-13",0.07668,{"date":273,"score":214,"percentile":274},"2026-01-14",0.07708,{"date":276,"score":214,"percentile":277},"2026-01-15",0.07707,{"date":279,"score":214,"percentile":280},"2026-01-16",0.07729,{"date":282,"score":214,"percentile":283},"2026-01-17",0.0774,{"date":285,"score":214,"percentile":286},"2026-01-18",0.07721,{"date":288,"score":214,"percentile":289},"2026-01-19",0.07691,{"date":291,"score":214,"percentile":292},"2026-01-20",0.07651,{"date":294,"score":214,"percentile":295},"2026-01-21",0.0764,{"date":297,"score":214,"percentile":298},"2026-01-22",0.07618,{"date":300,"score":214,"percentile":301},"2026-01-23",0.07713,{"date":303,"score":214,"percentile":304},"2026-01-24",0.0776,{"date":306,"score":214,"percentile":307},"2026-01-25",0.07744,{"date":309,"score":214,"percentile":310},"2026-01-26",0.07709,{"date":312,"score":214,"percentile":313},"2026-01-27",0.07697,{"date":315,"score":214,"percentile":316},"2026-01-28",0.07661,{"date":318,"score":214,"percentile":319},"2026-01-29",0.07638,{"date":321,"score":214,"percentile":215},"2026-01-30",{"date":323,"score":214,"percentile":324},"2026-01-31",0.07667,{"date":326,"score":214,"percentile":327},"2026-02-01",0.07694,[],[330],{"ecosystem":9,"name":331,"vendor":332,"product":332,"cpe_part":333,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":334},"Linux","linux","a",[335,342,345],{"version":336,"is_range":337,"range_type":48,"version_start":338,"version_start_type":339,"version_end":340,"version_end_type":341,"fixed_in":9},">= d6d458d42e1e1544a18f37f1d5c840e00d5261b9, \u003C c07923f6a8729fc27ee652221a51702ff6654097",true,"d6d458d42e1e1544a18f37f1d5c840e00d5261b9","including","c07923f6a8729fc27ee652221a51702ff6654097","excluding",{"version":343,"is_range":337,"range_type":48,"version_start":338,"version_start_type":339,"version_end":344,"version_end_type":341,"fixed_in":9},">= d6d458d42e1e1544a18f37f1d5c840e00d5261b9, \u003C 67600ccfc4f38ebd331b9332ac94717bfbc87ea7","67600ccfc4f38ebd331b9332ac94717bfbc87ea7",{"version":346,"is_range":41,"range_type":48,"version_start":346,"version_start_type":339,"version_end":346,"version_end_type":339,"fixed_in":9},"6.14"]