CVE-2025-39855Use After Free in Linux

CWE-416Use After FreeCWE-476NULL Pointer Dereference5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 93.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 19
Latest updateSep 22

Description

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ptp_ts_irq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the latency overhead of proxying sideband command requests over the firmware AdminQ. The logic still makes use of the Tx timestamp tracking structure, ice_ptp_tx, as it uses the same "ready" bitmap to tr

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel6.156.16.6+1
Debianlinux/linux_kernel< 6.16.6-1
CVEListV5linux/linuxf9472aaabd1f38954938838a1146db4855ad88e81467a873b20110263cc9c93de99335d139c11e16+2
debiandebian/linux< linux 6.16.6-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-hvpw-9ghq-558j: In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ptp_ts_irq The E810 device has support2025-09-22
OSV
CVE-2025-39855: In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ptp_ts_irq The E810 device has support f2025-09-19

📋Vendor Advisories

2
Red Hat
kernel: ice: fix NULL access of tx->in_use in ice_ptp_ts_irq2025-09-19
Debian
CVE-2025-39855: linux - In the Linux kernel, the following vulnerability has been resolved: ice: fix NU...2025
CVE-2025-39855 — Use After Free in Linux | cvebase