#VU106598 Use-after-free in Linux kernel - CVE-2025-21928
Vulnerability identifier: #VU106598
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ishtp_hid_remove() function in drivers/hid/intel-ish-hid/ishtp-hid.c. A local user can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 6.13, 6.13.1, 6.13.2, 6.13.3, 6.13.4, 6.13.5, 6.13.6
External links
https://git.kernel.org/stable/c/01b18a330cda61cc21423a7d1af92cf31ded8f60
https://git.kernel.org/stable/c/07583a0010696a17fb0942e0b499a62785c5fc9f
https://git.kernel.org/stable/c/0c1fb475ef999d6c22fc3f963fdf20cb3ed1b03d
https://git.kernel.org/stable/c/560f4d1299342504a6ab8a47f575b5e6b8345ada
https://git.kernel.org/stable/c/cf1a6015d2f6b1f0afaa0fd6a0124ff2c7943394
https://git.kernel.org/stable/c/d3faae7f42181865c799d88c5054176f38ae4625
https://git.kernel.org/stable/c/dea6a349bcaf243fff95dfd0428a26be6a0fb44e
https://git.kernel.org/stable/c/eb0695d87a81e7c1f0509b7d8ee7c65fbc26aec9
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.13.7
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
