5.5

CVE-2025-39856

EPSS 0.02%
Veröffentlicht 19.09.2025 15:26:27
Zuletzt bearbeitet 11.12.2025 19:35:54
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: ti: am65-cpsw-nuss: Fix null pointer dereference for ndev

In the TX completion packet stage of TI SoCs with CPSW2G instance, which
has single external ethernet port, ndev is accessed without being
initialized if no TX packets have been processed. It results into null
pointer dereference, causing kernel to crash. Fix this by having a check
on the number of TX packets which have been processed.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.15 < 6.16.6

Linux ≫ Linux Kernel Version6.17 Updaterc1

Linux ≫ Linux Kernel Version6.17 Updaterc2

Linux ≫ Linux Kernel Version6.17 Updaterc3

Linux ≫ Linux Kernel Version6.17 Updaterc4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.043

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/485302905bada953aadfe063320d73c892a66cbb

Patch

https://git.kernel.org/stable/c/a6099f263e1f408bcc7913c9df24b0677164fc5d

Patch

https://nvd.nist.gov/vuln/detail/CVE-2025-39856

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39856

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39856

EUVD