Linux Kernel Vulnerability Affecting Null Pointer Dereference in SMC
CVE-2025-39857

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 19 September 2025

What is CVE-2025-39857?

A vulnerability in the Linux Kernel specifically impacts the SMC (Shared Memory Communications) component. It occurs due to a NULL pointer dereference in the function 'smc_ib_is_sg_need_sync'. This defect can lead to system instability if a software RoCE device is used, as the 'ibdev->dma_device' pointer may not be correctly initialized. This situation has been addressed by implementing additional NULL pointer checks to prevent potential exploitation and ensure system reliability.

Affected Version(s)

Linux 0ef69e788411cba2af017db731a9fc62d255e9ac < 0cdf1fd8fc59d44a48c694324611136910301ef9

Linux 0ef69e788411cba2af017db731a9fc62d255e9ac

References

https://git.kernel.org/stable/c/0cdf1fd8fc59d44a48c694324...

https://git.kernel.org/stable/c/f18d9b3abf9c6587372cc702f...

https://git.kernel.org/stable/c/eb929910bd4b4165920fa06a8...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Apr 16, 2025