VDB

CVE-2025-39856

CVE-2025-39856 PUBLISHED CVSS 8.699999809265137 HIGH

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix null pointer dereference for ndev In the TX completion packet stage of TI SoCs with CPSW2G instance, which has single external ethernet port, ndev is accessed without being initialized if no TX packets have been processed. It results into null pointer dereference, causing kernel to crash. Fix this by having a check on the number of TX packets which have been processed.

EPSS 0.03% · 7.4th percentile

Risk Scores

CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.03%
7.4th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel6.15, 6.15, 6.15
LinuxLinux9a369ae3d1431a83589dde57323a04692dd7fc12, 9a369ae3d1431a83589dde57323a04692dd7fc12, 0

Timeline

  • Jan 21, 1970 Security Advisory
  • Sep 19, 2025 CVE Published
  • Sep 19, 2025 PoC Published
  • Sep 20, 2025 EPSS Score
  • Sep 27, 2025 EPSS Score
  • Oct 4, 2025 EPSS Score
  • Oct 4, 2025 Coalition ESS Score
  • Oct 6, 2025 Coalition ESS Score
  • Oct 11, 2025 EPSS Score
  • Oct 18, 2025 EPSS Score
  • Oct 25, 2025 EPSS Score
  • Oct 27, 2025 Coalition ESS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›