CVE-2025-39934
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-10-04
Last updated on: 2026-01-23
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ
If the interrupt occurs before resource initialization is complete, the
interrupt handler/worker may access uninitialized data such as the I2C
tcpc_client device, potentially leading to NULL pointer dereference.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.11 (inc) to 5.15.194 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.154 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.6.108 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.49 (exc) |
| linux | linux_kernel | From 6.13 (inc) to 6.16.9 (exc) |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
