NULL Pointer Dereference Vulnerability in Linux Kernel Affecting E810 Devices
CVE-2025-39855

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 19 September 2025

What is CVE-2025-39855?

A vulnerability in the Linux kernel affects E810 devices due to inadequate checks in the ice_ptp_ts_irq() function, which can lead to a NULL pointer dereference. This issue arises when the Tx timestamp interrupt interacts with driver reset logic, potentially resulting in use-after-free conditions. The bug occurs because the tracker might not be initialized prior to being accessed, leading to system instability. The fix ensures that checks on the tracker only occur if it is marked as initialized.

Affected Version(s)

Linux f9472aaabd1f38954938838a1146db4855ad88e8 < 1467a873b20110263cc9c93de99335d139c11e16

Linux f9472aaabd1f38954938838a1146db4855ad88e8 < 403bf043d9340196e06769065169df7444b91f7a

Linux 6.15

References

https://git.kernel.org/stable/c/1467a873b20110263cc9c93de...

https://git.kernel.org/stable/c/403bf043d9340196e06769065...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Apr 16, 2025