5.5

CVE-2025-39937

EPSS 0.03%
Veröffentlicht 04.10.2025 07:31:00
Zuletzt bearbeitet 25.03.2026 00:46:04
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer

In the Linux kernel, the following vulnerability has been resolved:

net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer

Since commit 7d5e9737efda ("net: rfkill: gpio: get the name and type from
device property") rfkill_find_type() gets called with the possibly
uninitialized "const char *type_name;" local variable.

On x86 systems when rfkill-gpio binds to a "BCM4752" or "LNV4752"
acpi_device, the rfkill->type is set based on the ACPI acpi_device_id:

        rfkill->type = (unsigned)id->driver_data;

and there is no "type" property so device_property_read_string() will fail
and leave type_name uninitialized, leading to a potential crash.

rfkill_find_type() does accept a NULL pointer, fix the potential crash
by initializing type_name to NULL.

Note likely sofar this has not been caught because:

1. Not many x86 machines actually have a "BCM4752"/"LNV4752" acpi_device
2. The stack happened to contain NULL where type_name is stored

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

NVD 13 VulnDex Vulnerability Enrichment 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.6 < 5.4.300

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.245

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.194

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.154

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.108

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.49

Linux ≫ Linux Kernel Version >= 6.13 < 6.16.9

Linux ≫ Linux Kernel Version6.17 Updaterc1

Linux ≫ Linux Kernel Version6.17 Updaterc2

Linux ≫ Linux Kernel Version6.17 Updaterc3

Linux ≫ Linux Kernel Version6.17 Updaterc4

Linux ≫ Linux Kernel Version6.17 Updaterc5

Linux ≫ Linux Kernel Version6.17 Updaterc6

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/184f608a68f96794e8fe58cd5535014d53622cde

Patch

https://git.kernel.org/stable/c/8793e7a8e1b60131a825457174ed6398111daeb7

Patch

https://git.kernel.org/stable/c/ada2282259243387e6b6e89239aeb4897e62f051

Patch

https://git.kernel.org/stable/c/47ade5f9d70b23a119ec20b1c6504864b2543a79

Patch

https://git.kernel.org/stable/c/689aee35ce671aab752f159e5c8e66d7685e6887

Patch

https://git.kernel.org/stable/c/21ba85d9d508422ca9e6698463ff9357c928c22d

Patch

https://git.kernel.org/stable/c/21a39b958b4bcf44f7674bfbbe1bbb8cad0d842d

Patch

https://git.kernel.org/stable/c/b6f56a44e4c1014b08859dcf04ed246500e310e5

Patch

https://nvd.nist.gov/vuln/detail/CVE-2025-39937

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39937

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39937

EUVD