Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() The function of_phy_find_device may return NULL, so we need to take care before dereferencing phy_dev.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.19.153, < 4.20 |
| Debian | Debian Linux | 11.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/03e79de4608bdd48ad6eec272e196124cefaf798Patch
- https://git.kernel.org/stable/c/20a3433d31c2d2bf70ab0abec75f3136b42ae66cPatch
- https://git.kernel.org/stable/c/4fe53aaa4271a72fe5fe3e88a45ce01646b68dc5Patch
- https://git.kernel.org/stable/c/5f1bb554a131e59b28482abad21f691390651752Patch
- https://git.kernel.org/stable/c/8c60d12bba14dc655d2d948b1dbf390b3ae39cb8Patch
- https://git.kernel.org/stable/c/93a699d6e92cfdfa9eb9dbb8c653b5322542ca4fPatch
- https://git.kernel.org/stable/c/eb148d85e126c47d65be34f2a465d69432ca5541Patch
- https://git.kernel.org/stable/c/fe78891f296ac05bf4e5295c9829ef822f3c32e7Patch
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2025-39876?
CVE-2025-39876 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() The function of_phy_find_device may return NULL, so we need to...
How severe is CVE-2025-39876?
CVE-2025-39876 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-39876?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.