CVE-2025-40255
Awaiting Analysis Awaiting Analysis - Queue

BaseFortify

Vulnerability report for CVE-2025-40255, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-04

Last updated on: 2025-12-04

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfig_prepare_data() -> dev_get_hwtstamp_phylib() -> vlan_hwtstamp_get() -> generic_hwtstamp_get_lower() -> generic_hwtstamp_ioctl_lower() results in generic_hwtstamp_ioctl_lower() being called with kernel_cfg->ifr as NULL. The generic_hwtstamp_ioctl_lower() function does not expect a NULL ifr and dereferences it, leading to a system crash. Fix this by adding a NULL check for kernel_cfg->ifr in generic_hwtstamp_ioctl_lower(). If ifr is NULL, return -EINVAL.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-04
Last Modified
2025-12-04
Generated
2026-07-06
AI Q&A
2025-12-04
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a NULL pointer dereference in the Linux kernel's generic_hwtstamp_ioctl_lower() function. Specifically, the function is called with a NULL ifr pointer, which it does not expect, leading to a system crash. The issue arises in the ethtool tsconfig Netlink path through a call chain that eventually results in dereferencing a NULL pointer. The fix involves adding a NULL check for the ifr pointer and returning an error if it is NULL.

Impact Analysis

This vulnerability can cause a system crash due to a NULL pointer dereference in the Linux kernel. Such a crash can lead to denial of service, making the affected system unstable or unavailable until it is rebooted or recovered.

Mitigation Strategies

Apply the patch or update to a Linux kernel version that includes the fix for this vulnerability, which adds a NULL check for kernel_cfg->ifr in generic_hwtstamp_ioctl_lower() to prevent the null pointer dereference and system crash.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40255. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart