CVE-2025-40062
Linux Kernel < 6.1.156, 6.2.0-6.6.112, 6.7.0-6.12.53, 6.10.0-6.17.3 - Use-After-Free in crypto hisilicon/qm
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs When the initialization of qm->debug.acc_diff_reg fails, the probe process does not exit. However, after qm->debug.qm_diff_regs is freed, it is not set to NULL. This can lead to a double free when the remove process attempts to free it again. Therefore, qm->debug.qm_diff_regs should be set to NULL after it is freed.
References (5)
Core 5
Core References
Scores
EPSS
0.0018
EPSS Percentile
8.1%
Details
Status
published
Products (20)
linux/Kernel
< 6.1.156linux
linux/Kernel
6.10.0 - 6.17.3linux
linux/Kernel
6.2.0 - 6.6.112linux
linux/Kernel
6.7.0 - 6.12.53linux
Linux/Linux
< 6.10
Linux/Linux
6.1.156 - 6.1.*
Linux/Linux
6.1.98 - 6.1.156
Linux/Linux
6.10
Linux/Linux
6.12.53 - 6.12.*
Linux/Linux
6.17.3 - 6.17.*
... and 10 more
Published
Oct 28, 2025
Tracked Since
Feb 18, 2026