5.5

CVE-2025-39709

media: venus: protect against spurious interrupts during probe

In the Linux kernel, the following vulnerability has been resolved:

media: venus: protect against spurious interrupts during probe

Make sure the interrupt handler is initialized before the interrupt is
registered.

If the IRQ is registered before hfi_create(), it's possible that an
interrupt fires before the handler setup is complete, leading to a NULL
dereference.

This error condition has been observed during system boot on Rb3Gen2.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.13 < 5.4.297
LinuxLinux Kernel Version >= 5.5 < 5.10.241
LinuxLinux Kernel Version >= 5.11 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.1.149
LinuxLinux Kernel Version >= 6.2 < 6.6.103
LinuxLinux Kernel Version >= 6.7 < 6.12.44
LinuxLinux Kernel Version >= 6.13 < 6.16.4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.045
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/18c2b2bd982b8546312c9a7895515672169f28e0
Patch
https://git.kernel.org/stable/c/88cf63c2599761c48dec8f618d57dccf8f6f4b53
Patch
https://git.kernel.org/stable/c/9db6a78bc5e418e0064e2248c8f3b9b9e8418646
Patch
https://git.kernel.org/stable/c/37cc0ac889b018097c217c5929fd6dc2aed636a1
Patch
https://git.kernel.org/stable/c/f54be97bc69b1096198b6717c150dec69f2a1b4d
Patch
https://git.kernel.org/stable/c/639eb587f977c02423f4762467055b23902b4131
Patch
https://git.kernel.org/stable/c/e796028b4835af00d9a38ebbb208ec3a6634702a
Patch
https://git.kernel.org/stable/c/3200144a2fa4209dc084a19941b9b203b43580f0
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
https://cert-portal.siemens.com/productcert/html/ssa-032379.html