CVE-2025-39959 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-39959 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix incorrect retrival of acp_chip_info Use dev_get_drvdata(dev->parent) instead of dev_get_platdata(dev) to correctly obtain acp_chip_info members in the acp I2S driver. Previously, some members were not updated properly due to incorrect data access, which could potentially lead to null pointer dereferences. This issue was missed in the earlier commit ("ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_tdm_slot"), which only addressed set_tdm_slot(). This change ensures that all relevant functions correctly retrieve acp_chip_info, preventing further null pointer dereference issues.

EPSS 0.02% · 4.7th percentile

Risk Scores

EPSS Score

0.02%

4.7th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.17, 6.17, 6.17
Linux	Linux	6.16.9, 6.17, 0

Timeline

Jan 21, 1970 Security Advisory
Oct 9, 2025 EPSS Score
Oct 9, 2025 Coalition ESS Score
Oct 9, 2025 CVE Published
Oct 10, 2025 Coalition ESS Score
Oct 15, 2025 EPSS Score
Oct 17, 2025 Coalition ESS Score
Oct 21, 2025 EPSS Score
Oct 26, 2025 EPSS Score
Nov 1, 2025 EPSS Score
Nov 2, 2025 Coalition ESS Score
Nov 7, 2025 EPSS Score

References

Open in Interactive Console →