PT-2025-36269 · Linux+2 · Linux Kernel+2

Published 2025-08-11 · Updated 2025-09-06 · CVE-2025-39674

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw within the UFS (Universal Flash Storage) Qualcomm (qcom) driver related to Enhanced System Interrupt (ESI) and Message Signaled Interrupts (MSI). A regression introduced by a commit caused a NULL pointer dereference when Platform MSI allocation failed during ESI configuration. This occurs when resources are freed that were never allocated, leading to a kernel NULL pointer dereference. The issue was fixed by restructuring the ESI configuration process and using explicit cleanup instead of the `__free()` macro to avoid attempting to free unallocated resources.
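
The failure mode described above, reduced to a user-space C model as an added example (not code from the kernel or from this advisory). All names (`msi_alloc`, `msi_free`, `config_esi_scoped`, `config_esi_explicit`) are hypothetical; the GCC/Clang `cleanup` attribute stands in for the kernel's `__free()`, and the model counts the invalid free instead of crashing.

```c
#include <stddef.h>
#include <stdlib.h>

/* Constructed user-space model; names are hypothetical, not the driver's. */
struct msi_ctx { int nvec; };
struct dev { struct msi_ctx *msi; int bad_frees; };

/* Models Platform MSI allocation; fails when MSI is unavailable. */
static int msi_alloc(struct dev *d, int nvec, int supported)
{
    if (!supported) return -1;      /* d->msi stays NULL */
    d->msi = malloc(sizeof(*d->msi));
    if (!d->msi) return -1;
    d->msi->nvec = nvec;
    return 0;
}

/* Models a free routine that assumes the allocation succeeded. */
static void msi_free(struct dev *d)
{
    if (!d->msi) { d->bad_frees++; return; } /* kernel: NULL dereference */
    free(d->msi);
    d->msi = NULL;
}
/* Scope-exit hook, the stand-in for a __free() cleanup handler. */
static void auto_free(struct dev **dp) { if (*dp) msi_free(*dp); }

/* Regressed shape: cleanup is armed before the allocation result is known. */
int config_esi_scoped(struct dev *d, int supported)
{
    struct dev *guard __attribute__((cleanup(auto_free))) = d;
    if (msi_alloc(d, 4, supported))
        return -1;                  /* guard still fires on this return */
    guard = NULL;                   /* success: disarm, keep the vectors */
    return 0;
}

/* Fixed shape: allocate MSI first, unwind explicitly and only after success. */
int config_esi_explicit(struct dev *d, int supported, int irq_fails)
{
    if (msi_alloc(d, 4, supported))
        return -1;                  /* nothing allocated, nothing freed */
    if (irq_fails) {
        msi_free(d);                /* later step failed: free what exists */
        return -1;
    }
    return 0;
}
int main(void) { struct dev d = {0}; return config_esi_scoped(&d, 0) == -1 && d.bad_frees == 1 ? 0 : 1; }
```
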

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2026-02852
CVE-2025-39674

Affected Products

Astra Linux
Linux Kernel
Ufs