Null Pointer Dereference in TI SoCs Ethernet Driver
CVE-2025-39856

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 19 September 2025

What is CVE-2025-39856?

A vulnerability was identified in the Linux kernel related to the ethernet driver for Texas Instruments System on Chips (SoCs) utilizing the CPSW2G instance. During the TX completion packet stage, if no TX packets were processed, the driver attempts to access an uninitialized ndev, leading to a null pointer dereference. This flaw can cause a kernel crash, potentially compromising system stability. The vulnerability has been addressed by implementing a check on the number of TX packets processed, ensuring that ndev is accessed only when appropriately initialized.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 9a369ae3d1431a83589dde57323a04692dd7fc12 < 485302905bada953aadfe063320d73c892a66cbb

Linux 9a369ae3d1431a83589dde57323a04692dd7fc12

Linux 6.15

References

https://git.kernel.org/stable/c/485302905bada953aadfe0633...

https://git.kernel.org/stable/c/a6099f263e1f408bcc7913c9d...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Linux

What is CVE-2025-39856?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.