Linux Kernel Vulnerability in Ethernet Driver Affecting Multiple Versions
CVE-2025-39858

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 19 September 2025

What is CVE-2025-39858?

A vulnerability in the Linux kernel's Ethernet driver could lead to invalid pointer dereferences due to an erroneous NULL check. Specifically, this issue arises in the mlx4_en_create_rx_ring function after calling page_pool_create(), which can return error pointers (ERR_PTR). Failing to replace the NULL check with an IS_ERR() verification may result in system instability and unpredicted behavior.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8533b14b3d65ee666ba31254787c1bdaee56d95a < 7b77d8841a98a9f45c8a615222c698df8dec581c

Linux 8533b14b3d65ee666ba31254787c1bdaee56d95a

Linux 6.15

References

https://git.kernel.org/stable/c/7b77d8841a98a9f45c8a61522...

https://git.kernel.org/stable/c/e580beaf43d563aaf457f1c7f...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Linux

What is CVE-2025-39858?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.