CVE-2025-39853

Sept. 19, 2025, 4:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty list_first_entry() never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced. Fix this by using list_first_entry_or_null instead of list_first_entry.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *
Intel
  • I40e
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /
a intel i40e / / / / / / / /

References

https://git.kernel.org/stable/c/1eadabcf5623f1237a539b16586b4ed8ac8dffcd
https://git.kernel.org/stable/c/3c6fb929afa313d9d11f780451d113f73922fe5d
https://git.kernel.org/stable/c/66e7cdbda74ee823ec2bf7b830ebd235c54f5ddf
https://git.kernel.org/stable/c/971feafe157afac443027acdc235badc6838560b
https://git.kernel.org/stable/c/9c21fc4cebd44dd21016c61261a683af390343f8
https://git.kernel.org/stable/c/a556f06338e1d5a85af0e32ecb46e365547f92b9
https://git.kernel.org/stable/c/e2a5e74879f9b494bbd66fa93f355feacde450c7
https://git.kernel.org/stable/c/fb216d980fae6561c7c70af8ef826faf059c6515

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-09-19
CVE-2025-39853

Timeline

Published: Sept. 19, 2025, 4:15 p.m.
Last Modified: Sept. 19, 2025, 4:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.