### [CVE-2025-21923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21923)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=053fa3888d2a957f4db26c05e503f4c6b9570a30%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=3e38cbbfa0a128a9d64773240a9eb3bc7bae3b1a%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.12.16%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.13.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.6.79%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=79504249d7e27cad4a3eeb9afc6386e418728ce0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=e1147961b2145fa61c3078a4a797d9576cde91ab%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:HID: hid-steam: Fix use-after-free when detaching deviceWhen a hid-steam device is removed it must clean up the client_hdev used forintercepting hidraw access. This can lead to scheduling deferred work toreattach the input device. Though the cleanup cancels the deferred work, thiswas done before the client_hdev itself is cleaned up, so it gets rescheduled.This patch fixes the ordering to make sure the deferred work is properlycanceled.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds