Null Pointer Dereference Vulnerability in Linux Kernel Affecting Media Components
CVE-2025-39708

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 5 September 2025

What is CVE-2025-39708?

A vulnerability has been identified in the Linux kernel related to the media components where a null pointer dereference could occur. This issue arises during the execution of the function 'iris_hfi_gen2_handle_system_error', where one of its arguments may inadvertently be null. To mitigate this risk, a validation check has been incorporated to ensure that the argument is not null before accessing its properties, thereby preventing potential crashes and enhancing stability.

Affected Version(s)

Linux fb583a214337a5600c121c9e1eecbb57fa9db688 < 992ddee3c0da5f113ba86892ace467c1ac645538

Linux fb583a214337a5600c121c9e1eecbb57fa9db688 < 0f837559ccdd275c5a059e6ac4d5034b03409f1d

Linux 6.15

References

https://git.kernel.org/stable/c/992ddee3c0da5f113ba86892a...

https://git.kernel.org/stable/c/0f837559ccdd275c5a059e6ac...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2025
Vulnerability Reserved
Apr 16, 2025