CVE-2025-39956
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-09

Last updated on: 2026-02-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igc_probe() on LED setup error When igc_led_setup() fails, igc_probe() fails and triggers kernel panic in free_netdev() since unregister_netdev() is not called. [1] This behavior can be tested using fault-injection framework, especially the failslab feature. [2] Since LED support is not mandatory, treat LED setup failures as non-fatal and continue probe with a warning message, consequently avoiding the kernel panic. [1] kernel BUG at net/core/dev.c:12047! Oops: invalid opcode: 0000 [#1] SMP NOPTI CPU: 0 UID: 0 PID: 937 Comm: repro-igc-led-e Not tainted 6.17.0-rc4-enjuk-tnguy-00865-gc4940196ab02 #64 PREEMPT(voluntary) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:free_netdev+0x278/0x2b0 [...] Call Trace: <TASK> igc_probe+0x370/0x910 local_pci_probe+0x3a/0x80 pci_device_probe+0xd1/0x200 [...] [2] #!/bin/bash -ex FAILSLAB_PATH=/sys/kernel/debug/failslab/ DEVICE=0000:00:05.0 START_ADDR=$(grep " igc_led_setup" /proc/kallsyms \ | awk '{printf("0x%s", $1)}') END_ADDR=$(printf "0x%x" $((START_ADDR + 0x100))) echo $START_ADDR > $FAILSLAB_PATH/require-start echo $END_ADDR > $FAILSLAB_PATH/require-end echo 1 > $FAILSLAB_PATH/times echo 100 > $FAILSLAB_PATH/probability echo N > $FAILSLAB_PATH/ignore-gfp-wait echo $DEVICE > /sys/bus/pci/drivers/igc/bind
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-09
Last Modified
2026-02-26
Generated
2026-06-16
AI Q&A
2025-10-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-39956
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.17
linux linux_kernel From 6.13 (inc) to 6.16.9 (inc)
intel igc *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's igc driver where if the LED setup function (igc_led_setup) fails during device probing (igc_probe), the probe function also fails and causes a kernel panic. This happens because the network device is not properly unregistered (unregister_netdev is not called), leading to a crash in free_netdev. The fix treats LED setup failures as non-fatal, allowing the probe to continue with a warning instead of causing a kernel panic.

Impact Analysis

This vulnerability can cause a kernel panic on systems using the affected Linux kernel igc driver if the LED setup fails. A kernel panic results in a system crash and potential downtime, which can disrupt services and require a reboot to recover. This may affect system stability and availability.

Detection Guidance

This vulnerability can be detected using the Linux kernel fault-injection framework, specifically the failslab feature. The following commands illustrate how to set up fault injection to test the igc_led_setup failure: #!/bin/bash -ex FAILSLAB_PATH=/sys/kernel/debug/failslab/ DEVICE=0000:00:05.0 START_ADDR=$(grep " igc_led_setup" /proc/kallsyms | awk '{printf("0x%s", $1)}') END_ADDR=$(printf "0x%x" $((START_ADDR + 0x100))) echo $START_ADDR > $FAILSLAB_PATH/require-start echo $END_ADDR > $FAILSLAB_PATH/require-end echo 1 > $FAILSLAB_PATH/times echo 100 > $FAILSLAB_PATH/probability echo N > $FAILSLAB_PATH/ignore-gfp-wait echo $DEVICE > /sys/bus/pci/drivers/igc/bind

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the igc driver treats LED setup failures as non-fatal and continues the probe with a warning instead of failing and causing a kernel panic. This avoids the failure in igc_probe() and prevents the kernel panic triggered by free_netdev().

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-39956. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart