CVE-2025-39959NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 9

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix incorrect retrival of acp_chip_info Use dev_get_drvdata(dev->parent) instead of dev_get_platdata(dev) to correctly obtain acp_chip_info members in the acp I2S driver. Previously, some members were not updated properly due to incorrect data access, which could potentially lead to null pointer dereferences. This issue was missed in the earlier commit ("ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_td

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.156.16.9+1
Debianlinux/linux_kernel< 6.16.9-1
CVEListV5linux/linuxe3933683b25e2cc94485da4909e3338e1a177b3965c5cfbd6d938f77a0df3c34855a4f7d8a61fd10+2
debiandebian/linux< linux 6.16.9-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-9p48-47pw-5x95: In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix incorrect retrival of acp_chip_info Use dev_get_drvdata(dev-2025-10-09
OSV
CVE-2025-39959: In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix incorrect retrival of acp_chip_info Use dev_get_drvdata(dev->p2025-10-09

📋Vendor Advisories

2
Red Hat
kernel: ASoC: amd: acp: Fix incorrect retrival of acp_chip_info2025-10-09
Debian
CVE-2025-39959: linux - In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: ...2025