CVE-2025-39876
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() The function of_phy_find_device may return NULL, so we need to take care before dereferencing phy_dev.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.03%• Percentile: 10%
Techniques & Countermeasures
- CWE-476•NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Systems
- debian•debian_linux
11.0
- linux•linux
≥ 9e70485b40c8306298adea8bdc867ca27f88955a, < 8c60d12bba14dc655d2d948b1dbf390b3ae39cb8 | ≥ 64a632da538a6827fad0ea461925cedb9899ebe2, < 20a3433d31c2d2bf70ab0abec75f3136b42ae66c | ≥ 64a632da538a6827fad0ea461925cedb9899ebe2, < 93a699d6e92cfdfa9eb9dbb8c653b5322542ca4f | ≥ 64a632da538a6827fad0ea461925cedb9899ebe2, < 5f1bb554a131e59b28482abad21f691390651752 | ≥ 64a632da538a6827fad0ea461925cedb9899ebe2, < fe78891f296ac05bf4e5295c9829ef822f3c32e7 | ≥ 64a632da538a6827fad0ea461925cedb9899ebe2, < 4fe53aaa4271a72fe5fe3e88a45ce01646b68dc5 | ≥ 64a632da538a6827fad0ea461925cedb9899ebe2, < eb148d85e126c47d65be34f2a465d69432ca5541 | ≥ 64a632da538a6827fad0ea461925cedb9899ebe2, < 03e79de4608bdd48ad6eec272e196124cefaf798 | c068e505f229ca5f778f825f1401817ce818e917 | 8a6ab151443cd71e2aa5e8b7014e3453dbd51935 | ce88b5f42868ef4964c497d4dfcd25e88fd60c5b | ≥ 5.4.73, < 5.4.300 | ≥ 4.19.153, < 4.20 | ≥ 5.8.17, < 5.9 | ≥ 5.9.2, < 5.10 | 5.10
- linux•linux_kernel
≥ 4.19.153, < 4.20 | ≥ 5.4.73, < 5.4.300 | ≥ 5.8.17, < 5.9 | ≥ 5.9.2, < 5.10.245 | ≥ 5.11, < 5.15.194 | ≥ 5.16, < 6.1.153 | ≥ 6.2, < 6.6.107 | ≥ 6.7, < 6.12.48 | ≥ 6.13, < 6.16.8 | 6.17:rc1 | 6.17:rc2 | 6.17:rc3 | 6.17:rc4 | 6.17:rc5
References (9)
- https://git.kernel.org/stable/c/8c60d12bba14dc655d2d948b1dbf390b3ae39cb8
- https://git.kernel.org/stable/c/20a3433d31c2d2bf70ab0abec75f3136b42ae66c
- https://git.kernel.org/stable/c/93a699d6e92cfdfa9eb9dbb8c653b5322542ca4f
- https://git.kernel.org/stable/c/5f1bb554a131e59b28482abad21f691390651752
- https://git.kernel.org/stable/c/fe78891f296ac05bf4e5295c9829ef822f3c32e7
- https://git.kernel.org/stable/c/4fe53aaa4271a72fe5fe3e88a45ce01646b68dc5
- https://git.kernel.org/stable/c/eb148d85e126c47d65be34f2a465d69432ca5541
- https://git.kernel.org/stable/c/03e79de4608bdd48ad6eec272e196124cefaf798
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html