CVE-2025-39897 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaengine_desc_get_metadata_ptr() which can return an error pointer and lead to potential crashes or undefined behaviour if the pointer retrieval fails. Properly handle the error by unmapping DMA buffer, freeing the skb and returning early to prevent further processing with invalid data.

PUBLISHED Reserved 2025-04-16 | Published 2025-10-01 | Updated 2025-10-01 | Assigner Linux

Product status

Default status

unaffected

6a91b846af85a24241decd686269e8e038eb13d1 before d0ecda6fdd840b406df6617b003b036f65dd8926

affected

6a91b846af85a24241decd686269e8e038eb13d1 before 92e2fc92bc4eb2bc0e84404316fbc02ddd0a3196

affected

6a91b846af85a24241decd686269e8e038eb13d1 before 8bbceba7dc5090c00105e006ce28d1292cfda8dd

affected

Default status

affected

6.8

affected

Any version before 6.8

unaffected

6.12.46

unaffected

6.16.6

unaffected

6.17

unaffected

References

git.kernel.org/...c/d0ecda6fdd840b406df6617b003b036f65dd8926

git.kernel.org/...c/92e2fc92bc4eb2bc0e84404316fbc02ddd0a3196

git.kernel.org/...c/8bbceba7dc5090c00105e006ce28d1292cfda8dd

cve.org (CVE-2025-39897)

nvd.nist.gov (CVE-2025-39897)

Download JSON

help @ threatint.eu