CVE-2025-39805

EPSS 0.02%
Published 16.09.2025 13:00:06
Last modified 18.09.2025 13:43:45
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

net: macb: fix unregister_netdev call order in macb_remove()

When removing a macb device, the driver calls phy_exit() before
unregister_netdev(). This leads to a WARN from kernfs:

  ------------[ cut here ]------------
  kernfs: can not remove 'attached_dev', no directory
  WARNING: CPU: 1 PID: 27146 at fs/kernfs/dir.c:1683
  Call trace:
    kernfs_remove_by_name_ns+0xd8/0xf0
    sysfs_remove_link+0x24/0x58
    phy_detach+0x5c/0x168
    phy_disconnect+0x4c/0x70
    phylink_disconnect_phy+0x6c/0xc0 [phylink]
    macb_close+0x6c/0x170 [macb]
    ...
    macb_remove+0x60/0x168 [macb]
    platform_remove+0x5c/0x80
    ...

The warning happens because the PHY is being exited while the netdev
is still registered. The correct order is to unregister the netdev
before shutting down the PHY and cleaning up the MDIO bus.

Fix this by moving unregister_netdev() ahead of phy_exit() in
macb_remove().

Affected products Warnungen 0 Metrics 1 CWE 0 References 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < ff0d3bad32108b57265e5b48f15327549af771d3

Version 8b73fa3ae02b2401960de41b0454c0321377b203

Status affected

Version < 775fe690fd4a3337ad2115de2adb41b227d4dae7

Version 8b73fa3ae02b2401960de41b0454c0321377b203

Status affected

Version < 01b9128c5db1b470575d07b05b67ffa3cb02ebf1

Version 8b73fa3ae02b2401960de41b0454c0321377b203

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.18

Status affected

Version < 5.18

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.45

Status unaffected

Version <= 6.16.*

Version 6.16.5

Status unaffected

Version <= *

Version 6.17-rc4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.043

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/ff0d3bad32108b57265e5b48f15327549af771d3

https://git.kernel.org/stable/c/775fe690fd4a3337ad2115de2adb41b227d4dae7

https://git.kernel.org/stable/c/01b9128c5db1b470575d07b05b67ffa3cb02ebf1

https://nvd.nist.gov/vuln/detail/CVE-2025-39805

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39805

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39805

EUVD