CVE-2025-39708 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-39708 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix NULL pointer dereference A warning reported by smatch indicated a possible null pointer dereference where one of the arguments to API "iris_hfi_gen2_handle_system_error" could sometimes be null. To fix this, add a check to validate that the argument passed is not null before accessing its members.

EPSS 0.02% · 4.7th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.02%

4.7th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.15, 6.15, 6.15
Linux	Linux	0, fb583a214337a5600c121c9e1eecbb57fa9db688, 6.17

Timeline

Jan 21, 1970 Security Advisory
Sep 5, 2025 CVE Published
Sep 6, 2025 EPSS Score
Sep 6, 2025 Coalition ESS Score
Sep 8, 2025 Coalition ESS Score
Sep 13, 2025 EPSS Score
Sep 16, 2025 Coalition ESS Score
Sep 19, 2025 Coalition ESS Score
Sep 20, 2025 EPSS Score
Sep 26, 2025 Coalition ESS Score
Sep 27, 2025 EPSS Score
Oct 4, 2025 EPSS Score

References

Open in Interactive Console →