CVE-2025-39729 — Access of Uninitialized Pointer in Linux

CWE-824 — Access of Uninitialized Pointer5 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 94.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedSep 7

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 __sev_platform_init_locked() error: we previously assumed 'error' could be null

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶NVDlinux/linux_kernel6.16

▶CVEListV5linux/linux9770b428b1a28360663f1f5e524ee458b4cf454b — 841634e1fdc2bdf35ab851fc279fd3bedcdf5e93+2

▶debiandebian/linux

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

CVE-2025-39729: In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warni↗2025-09-07

▶

GHSA

GHSA-5fwg-rrmc-r9r3: In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch war↗2025-09-07

▶

📋Vendor Advisories

Red Hat

kernel: crypto: ccp - Fix dereferencing uninitialized error pointer↗2025-09-07

▶

Debian

CVE-2025-39729: linux - In the Linux kernel, the following vulnerability has been resolved: crypto: ccp...↗2025

▶