CVE-2025-39853

Summary

In the Linux kernel, the following vulnerability has been resolved:

i40e: Fix potential invalid access when MAC list is empty

list_first_entry() never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced.

Fix this by using list_first_entry_or_null instead of list_first_entry.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < 971feafe157afac443027acdc235badc6838560baffected
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < 3c6fb929afa313d9d11f780451d113f73922fe5daffected
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < 1eadabcf5623f1237a539b16586b4ed8ac8dffcdaffected
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < e2a5e74879f9b494bbd66fa93f355feacde450c7affected
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < fb216d980fae6561c7c70af8ef826faf059c6515affected
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < 66e7cdbda74ee823ec2bf7b830ebd235c54f5ddfaffected
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < 9c21fc4cebd44dd21016c61261a683af390343f8affected
LinuxLinuxe3219ce6a775468368fb270fae3eb82a6787b436 < a556f06338e1d5a85af0e32ecb46e365547f92b9affected
LinuxLinux4.6affected
LinuxLinux0 < 4.6unaffected
LinuxLinux5.4.299 <= 5.4.*unaffected
LinuxLinux5.10.243 <= 5.10.*unaffected
LinuxLinux5.15.192 <= 5.15.*unaffected
LinuxLinux6.1.151 <= 6.1.*unaffected
LinuxLinux6.6.105 <= 6.6.*unaffected
LinuxLinux6.12.46 <= 6.12.*unaffected
LinuxLinux6.16.6 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

Additional References

References