Linux KERNEL: corsair-void UAF via missing cancel_delayed_work_sync()
CVE-2025-21797 Published on February 27, 2025
HID: corsair-void: Add missing delayed work cancel for headset status
In the Linux kernel, the following vulnerability has been resolved:
HID: corsair-void: Add missing delayed work cancel for headset status
The cancel_delayed_work_sync() call was missed, causing a use-after-free
in corsair_void_remove().
Vulnerability Analysis
CVE-2025-21797 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2025-21797 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2025-21797
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 6ea2a6fd3872e60a4d500b548ad65ed94e459ddd and below 2dcb56a0a4da6946f6c18288da595c13e0d2af86 is affected.
- Version 6ea2a6fd3872e60a4d500b548ad65ed94e459ddd and below 48e487b002891eb0aeaec704c9bed51f028deff1 is affected.
- Version 6.13 is affected.
- Before 6.13 is unaffected.
- Version 6.13.4, <= 6.13.* is unaffected.
- Version 6.14, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.