CVE-2025-21856
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21856
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21856.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-21856
- Downstream
- Related
- Published
- 2025-03-12T09:42:09Z
- Modified
- 2025-10-22T09:31:11.570313Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- s390/ism: add release function for struct device
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
s390/ism: add release function for struct device
According to device_release() in /drivers/base/core.c, a device without a release function is a broken device and must be fixed.
The current code directly frees the device after calling device_add() without waiting for other kernel parts to release their references. Thus, a reference could still be held to a struct device, e.g., by sysfs, leading to potential use-after-free issues if a proper release function is not set.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0505ff2936f166405d81d0d454a81d9c14124344
- https://git.kernel.org/stable/c/915e34d5ad35a6a9e56113f852ade4a730fb88f0
- https://git.kernel.org/stable/c/940d15254d2216b585558bcf36312da50074e711
- https://git.kernel.org/stable/c/e26e8ac27351f457091459a0a355bacd06d5bb2b
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8c81ba20349daf9f7e58bb05a0c12f4b71813a30Fixed940d15254d2216b585558bcf36312da50074e711
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8c81ba20349daf9f7e58bb05a0c12f4b71813a30Fixed0505ff2936f166405d81d0d454a81d9c14124344
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8c81ba20349daf9f7e58bb05a0c12f4b71813a30Fixede26e8ac27351f457091459a0a355bacd06d5bb2b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8c81ba20349daf9f7e58bb05a0c12f4b71813a30Fixed915e34d5ad35a6a9e56113f852ade4a730fb88f0
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.13.3
v6.13.4
v6.14-rc1
v6.14-rc2
v6.2
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.79
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0505ff2936f166405d81d0d454a81d9c14124344",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_probe",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-121af67e",
"signature_type": "Function",
"digest": {
"length": 1000.0,
"function_hash": "138845390101495969736963240939568477569"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@940d15254d2216b585558bcf36312da50074e711",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_probe",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-17e821a3",
"signature_type": "Function",
"digest": {
"length": 1000.0,
"function_hash": "138845390101495969736963240939568477569"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@940d15254d2216b585558bcf36312da50074e711",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-1dc1d125",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"149084942651257576144652536580975912711",
"243845112551115070483410986343301455575",
"320524599836977767927338175801974764261",
"14444516484545848785002111750939779240",
"242059716655612838532128724958216835647",
"226224469404494817334039111260720740535",
"202504458409603125730259378417113326186",
"159172092419190238791838583105061726844",
"336896427461437396865925777194938832884",
"156916290511475406243342907037023953776",
"206102514664803842996228641900368204925",
"151671708415684505717864677094410270140",
"182680111464042467707706379179288315321",
"224554507972561940572270866660817282021",
"7312265383943574775641170229852139174"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e26e8ac27351f457091459a0a355bacd06d5bb2b",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-338f9af9",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"149084942651257576144652536580975912711",
"243845112551115070483410986343301455575",
"320524599836977767927338175801974764261",
"14444516484545848785002111750939779240",
"242059716655612838532128724958216835647",
"226224469404494817334039111260720740535",
"202504458409603125730259378417113326186",
"159172092419190238791838583105061726844",
"336896427461437396865925777194938832884",
"156916290511475406243342907037023953776",
"206102514664803842996228641900368204925",
"151671708415684505717864677094410270140",
"182680111464042467707706379179288315321",
"224554507972561940572270866660817282021",
"7312265383943574775641170229852139174"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@940d15254d2216b585558bcf36312da50074e711",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_remove",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-4f1ed525",
"signature_type": "Function",
"digest": {
"length": 232.0,
"function_hash": "142414164391828605967592003729617778740"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e26e8ac27351f457091459a0a355bacd06d5bb2b",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_remove",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-616abeb9",
"signature_type": "Function",
"digest": {
"length": 232.0,
"function_hash": "142414164391828605967592003729617778740"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@915e34d5ad35a6a9e56113f852ade4a730fb88f0",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_probe",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-71e3cf04",
"signature_type": "Function",
"digest": {
"length": 1000.0,
"function_hash": "138845390101495969736963240939568477569"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0505ff2936f166405d81d0d454a81d9c14124344",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_remove",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-9f9cf515",
"signature_type": "Function",
"digest": {
"length": 232.0,
"function_hash": "142414164391828605967592003729617778740"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e26e8ac27351f457091459a0a355bacd06d5bb2b",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_probe",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-ceb604f4",
"signature_type": "Function",
"digest": {
"length": 1000.0,
"function_hash": "138845390101495969736963240939568477569"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@915e34d5ad35a6a9e56113f852ade4a730fb88f0",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-cf3d3756",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"149084942651257576144652536580975912711",
"243845112551115070483410986343301455575",
"320524599836977767927338175801974764261",
"14444516484545848785002111750939779240",
"242059716655612838532128724958216835647",
"226224469404494817334039111260720740535",
"202504458409603125730259378417113326186",
"159172092419190238791838583105061726844",
"336896427461437396865925777194938832884",
"156916290511475406243342907037023953776",
"206102514664803842996228641900368204925",
"151671708415684505717864677094410270140",
"182680111464042467707706379179288315321",
"224554507972561940572270866660817282021",
"7312265383943574775641170229852139174"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@915e34d5ad35a6a9e56113f852ade4a730fb88f0",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "ism_remove",
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-e08c2bd0",
"signature_type": "Function",
"digest": {
"length": 232.0,
"function_hash": "142414164391828605967592003729617778740"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0505ff2936f166405d81d0d454a81d9c14124344",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/s390/net/ism_drv.c"
},
"id": "CVE-2025-21856-e6729f41",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"149084942651257576144652536580975912711",
"243845112551115070483410986343301455575",
"320524599836977767927338175801974764261",
"14444516484545848785002111750939779240",
"242059716655612838532128724958216835647",
"226224469404494817334039111260720740535",
"202504458409603125730259378417113326186",
"159172092419190238791838583105061726844",
"336896427461437396865925777194938832884",
"156916290511475406243342907037023953776",
"206102514664803842996228641900368204925",
"151671708415684505717864677094410270140",
"182680111464042467707706379179288315321",
"224554507972561940572270866660817282021",
"7312265383943574775641170229852139174"
]
}
}
]