CVE-2025-39814NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 94.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a reset when the driver is loaded without RDMA support, will results in a crash as it attempts to remove RDMA's non-existent auxbus device: echo 1 > /sys/class/net//device/reset BUG: kernel NULL pointer dereference, address: 0000000000000008 ... RIP: 0010:ice_unplug_aux_dev+0x29/0x70 [ice] ... Call Trace: ice_prepare_for_reset+0x77/0x260 [ice] pci_dev

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.166.16.5+1
Debianlinux/linux_kernel< 6.16.5-1
CVEListV5linux/linuxc24a65b6a27c78d8540409800886b6622ea86ebfdb783756a7d7cfaea039411971d0dc0a374e85cb+2
debiandebian/linux< linux 6.16.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-7g52-rhh3-6j2h: In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a res2025-09-16
OSV
CVE-2025-39814: In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a reset2025-09-16

📋Vendor Advisories

2
Red Hat
kernel: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset2025-09-16
Debian
CVE-2025-39814: linux - In the Linux kernel, the following vulnerability has been resolved: ice: fix NU...2025
CVE-2025-39814 — NULL Pointer Dereference in Linux | cvebase