Description

In the Linux kernel, the following vulnerability has been resolved: HID: hid-steam: Fix use-after-free when detaching device When a hid-steam device is removed it must clean up the client_hdev used for intercepting hidraw access. This can lead to scheduling deferred work to reattach the input device. Though the cleanup cancels the deferred work, this was done before the client_hdev itself is cleaned up, so it gets rescheduled. This patch fixes the ordering to make sure the deferred work is properly canceled.

INFO

Published Date :

2025-04-01T15:40:56.229Z

Last Modified :

2025-05-04T07:24:39.239Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-21923 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-21923.

URL Resource
https://git.kernel.org/stable/c/026714ec7546de741826324a6a1914c91024d06c cve-icon cve-icon
https://git.kernel.org/stable/c/a899adf7063c6745aaff1ec869f3c7f6329ed0a1 cve-icon cve-icon
https://git.kernel.org/stable/c/e53fc232a65f7488ab75d03a5b95f06aaada7262 cve-icon cve-icon
https://git.kernel.org/stable/c/ea3f18d2f02629653b7bfe42607737ccd1343e54 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025040132-CVE-2025-21923-5c6e@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-21923 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-21923 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact