VDB
CVE-2025-39858
CVE-2025-39858
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix IS_ERR() vs NULL check bug in mlx4_en_create_rx_ring Replace NULL check with IS_ERR() check after calling page_pool_create() since this function returns error pointers (ERR_PTR). Using NULL check could lead to invalid pointer dereference.
EPSS 0.03% · 7.4th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.03%
7.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 6.15, 6.15, 6.15 |
| Linux | Linux | 8533b14b3d65ee666ba31254787c1bdaee56d95a, 8533b14b3d65ee666ba31254787c1bdaee56d95a, 6.15 |
Timeline
- Jan 21, 1970 Security Advisory
- Sep 19, 2025 CVE Published
- Sep 20, 2025 EPSS Score
- Sep 27, 2025 EPSS Score
- Oct 4, 2025 EPSS Score
- Oct 4, 2025 Coalition ESS Score
- Oct 6, 2025 Coalition ESS Score
- Oct 11, 2025 EPSS Score
- Oct 18, 2025 EPSS Score
- Oct 24, 2025 Coalition ESS Score
- Oct 25, 2025 EPSS Score
- Nov 1, 2025 EPSS Score