CVE-2025-39709
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-05

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hfi_create(), it's possible that an interrupt fires before the handler setup is complete, leading to a NULL dereference. This error condition has been observed during system boot on Rb3Gen2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-05
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-09-05
EPSS Evaluated
2026-06-15
NVD
CVE-2025-39709
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.1.153-1
linux linux_kernel 5.10.244-1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's media: venus component, where an interrupt handler may not be properly initialized before the interrupt is registered. If the interrupt request (IRQ) is registered before the handler setup (hfi_create()) is complete, an interrupt can fire prematurely, causing a NULL pointer dereference. This issue has been observed during system boot on Rb3Gen2 hardware.

Impact Analysis

The vulnerability can cause a NULL pointer dereference, which may lead to system instability or crashes during boot on affected hardware. This could result in denial of service or unexpected system behavior.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-39709. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart