CVE-2025-38137

{"id": "CVE-2025-38137", "cveTags": [], "metrics": {}, "published": "2025-07-03T09:15:28.240", "references": [{"url": "https://git.kernel.org/stable/c/8b926f237743f020518162c62b93cb7107a2b5eb", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b3ad6d23fec23fbef382ce9ea640c37446593cf5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/pwrctrl: Cancel outstanding rescan work when unregistering\n\nIt's possible to trigger use-after-free here by:\n\n (a) forcing rescan_work_func() to take a long time and\n (b) utilizing a pwrctrl driver that may be unloaded for some reason\n\nCancel outstanding work to ensure it is finished before we allow our data\nstructures to be cleaned up.\n\n[bhelgaas: tidy commit log]"}], "lastModified": "2025-07-03T15:13:53.147", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}