CVE-2025-39858 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-39858 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix IS_ERR() vs NULL check bug in mlx4_en_create_rx_ring Replace NULL check with IS_ERR() check after calling page_pool_create() since this function returns error pointers (ERR_PTR). Using NULL check could lead to invalid pointer dereference.

EPSS 0.02% · 4.7th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.02%

4.7th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.17, 6.15, 6.15
Linux	Linux	8533b14b3d65ee666ba31254787c1bdaee56d95a, 6.15, 0

Timeline

Jan 21, 1970 Security Advisory
Sep 19, 2025 CVE Published
Sep 20, 2025 EPSS Score
Sep 26, 2025 EPSS Score
Oct 3, 2025 EPSS Score
Oct 4, 2025 Coalition ESS Score
Oct 6, 2025 Coalition ESS Score
Oct 9, 2025 EPSS Score
Oct 16, 2025 EPSS Score
Oct 22, 2025 EPSS Score
Oct 24, 2025 Coalition ESS Score
Oct 28, 2025 EPSS Score

References

Open in Interactive Console →