CVE-2025-39876

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()

The function of_phy_find_device may return NULL, so we need to take care before dereferencing phy_dev.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9e70485b40c8306298adea8bdc867ca27f88955a < 8c60d12bba14dc655d2d948b1dbf390b3ae39cb8affected
LinuxLinux64a632da538a6827fad0ea461925cedb9899ebe2 < 20a3433d31c2d2bf70ab0abec75f3136b42ae66caffected
LinuxLinux64a632da538a6827fad0ea461925cedb9899ebe2 < 93a699d6e92cfdfa9eb9dbb8c653b5322542ca4faffected
LinuxLinux64a632da538a6827fad0ea461925cedb9899ebe2 < 5f1bb554a131e59b28482abad21f691390651752affected
LinuxLinux64a632da538a6827fad0ea461925cedb9899ebe2 < fe78891f296ac05bf4e5295c9829ef822f3c32e7affected
LinuxLinux64a632da538a6827fad0ea461925cedb9899ebe2 < 4fe53aaa4271a72fe5fe3e88a45ce01646b68dc5affected
LinuxLinux64a632da538a6827fad0ea461925cedb9899ebe2 < eb148d85e126c47d65be34f2a465d69432ca5541affected
LinuxLinux64a632da538a6827fad0ea461925cedb9899ebe2 < 03e79de4608bdd48ad6eec272e196124cefaf798affected
LinuxLinuxc068e505f229ca5f778f825f1401817ce818e917affected
LinuxLinux8a6ab151443cd71e2aa5e8b7014e3453dbd51935affected
LinuxLinuxce88b5f42868ef4964c497d4dfcd25e88fd60c5baffected
LinuxLinux5.4.73 < 5.4.300affected
LinuxLinux4.19.153 < 4.20affected
LinuxLinux5.8.17 < 5.9affected
LinuxLinux5.9.2 < 5.10affected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.4.300 <= 5.4.*unaffected
LinuxLinux5.10.245 <= 5.10.*unaffected
LinuxLinux5.15.194 <= 5.15.*unaffected
LinuxLinux6.1.153 <= 6.1.*unaffected
LinuxLinux6.6.107 <= 6.6.*unaffected
LinuxLinux6.12.48 <= 6.12.*unaffected
LinuxLinux6.16.8 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References