PT-2025-36303 · Linux+5 · Linux Kernel+5

Published

2025-01-01

·

Updated

2026-05-26

·

CVE-2025-39709

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw where spurious interrupts can occur during probe operations in the media subsystem, specifically within the venus driver. This happens if an interrupt is registered before the interrupt handler is initialized, potentially leading to a NULL dereference. This condition was observed during system boot on Rb3Gen2 systems.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

NULL Pointer Dereference

Weakness Enumeration

CWE-665CWE-476

Related Identifiers

AZL-66929
BDU:2025-15201
CVE-2025-39709
DLA-4327-1
DLA-4328-1
DSA-6008-1
DSA-6009-1
ECHO-D31E-D060-FCBE
MGASA-2025-0234
MGASA-2025-0235
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7938-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Debian
Linuxmint
Linux Kernel
Rb3Gen2
Suse
Ubuntu