CVE-2025-39960
In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: initialize acpi_gpio_info struct Since commit 7c010d463372 ("gpiolib: acpi: Make sure we fill struct acpi_gpio_info"), uninitialized acpi_gpio_info struct are passed to __acpi_find_gpio() and later in the call stack info->quirks is used in acpi_populate_gpio_lookup. This breaks the i2c_hid_cpi driver: [ 58.122916] i2c_hid_acpi i2c-UNIW0001:00: HID over i2c has not been provided an Int IRQ [ 58.123097] i2c_hid_acpi i2c-UNIW0001:00: probe with driver i2c_hid_acpi failed with error -22 Fix this by initializing the acpi_gpio_info pass to __acpi_find_gpio()
EPSS 0.02% · 6.0th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 6.16, 6.16, 6.16 |
| Linux | Linux | 7c010d463372140006bf96985a306d6cbfc6e118, 7c010d463372140006bf96985a306d6cbfc6e118, 6.16 |
Exploit Intelligence
Timeline
- Jan 21, 1970 Security Advisory
- Oct 9, 2025 Coalition ESS Score
- Oct 9, 2025 CVE Published
- Oct 10, 2025 EPSS Score
- Oct 16, 2025 EPSS Score
- Oct 19, 2025 Coalition ESS Score
- Oct 23, 2025 EPSS Score
- Oct 29, 2025 EPSS Score
- Nov 4, 2025 EPSS Score
- Nov 10, 2025 EPSS Score
- Nov 11, 2025 Coalition ESS Score
- Nov 17, 2025 EPSS Score