VDB

CVE-2025-39858

CVE-2025-39858 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix IS_ERR() vs NULL check bug in mlx4_en_create_rx_ring Replace NULL check with IS_ERR() check after calling page_pool_create() since this function returns error pointers (ERR_PTR). Using NULL check could lead to invalid pointer dereference.

EPSS 0.03% · 7.4th percentile

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.03%
7.4th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel6.15, 6.15, 6.15
LinuxLinux8533b14b3d65ee666ba31254787c1bdaee56d95a, 8533b14b3d65ee666ba31254787c1bdaee56d95a, 6.15

Timeline

  • Jan 21, 1970 Security Advisory
  • Sep 19, 2025 CVE Published
  • Sep 20, 2025 EPSS Score
  • Sep 27, 2025 EPSS Score
  • Oct 4, 2025 EPSS Score
  • Oct 4, 2025 Coalition ESS Score
  • Oct 6, 2025 Coalition ESS Score
  • Oct 11, 2025 EPSS Score
  • Oct 18, 2025 EPSS Score
  • Oct 24, 2025 Coalition ESS Score
  • Oct 25, 2025 EPSS Score
  • Nov 1, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›