Linux Kernel Vulnerability: NULL Pointer Dereference in ANX7625 Driver
CVE-2025-39934

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 October 2025

What is CVE-2025-39934?

A vulnerability exists in the Linux kernel's ANX7625 display bridge driver that may lead to a NULL pointer dereference. This issue arises if an interrupt is triggered before the necessary resource initialization is completed, allowing the interrupt handler or worker to access uninitialized data. This could particularly affect the I2C tcpc_client device, posing potential instability and security risks.

Affected Version(s)

Linux 8bdfc5dae4e3ba4d99dfb430ef43249e5f1b7730 < 51a501e990a353a4f15da6bab295b28e5d118f64

Linux 8bdfc5dae4e3ba4d99dfb430ef43249e5f1b7730

Linux 8bdfc5dae4e3ba4d99dfb430ef43249e5f1b7730 < 15a77e1ab0a994d69b471c76b8d01117128dda26

References

https://git.kernel.org/stable/c/51a501e990a353a4f15da6bab...

https://git.kernel.org/stable/c/f9a089d0a6d537d0f2061c8a3...

https://git.kernel.org/stable/c/15a77e1ab0a994d69b471c76b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON