CVE-2025-39853

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-39853
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39853.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-39853
Downstream
Related
Published
2025-09-19T15:26:25.101Z
Modified
2026-03-12T02:18:48.050223Z
Summary
i40e: Fix potential invalid access when MAC list is empty
Details

In the Linux kernel, the following vulnerability has been resolved:

i40e: Fix potential invalid access when MAC list is empty

listfirstentry() never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced.

Fix this by using listfirstentryornull instead of listfirstentry.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39853.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e3219ce6a775468368fb270fae3eb82a6787b436
Fixed
971feafe157afac443027acdc235badc6838560b
Fixed
3c6fb929afa313d9d11f780451d113f73922fe5d
Fixed
1eadabcf5623f1237a539b16586b4ed8ac8dffcd
Fixed
e2a5e74879f9b494bbd66fa93f355feacde450c7
Fixed
fb216d980fae6561c7c70af8ef826faf059c6515
Fixed
66e7cdbda74ee823ec2bf7b830ebd235c54f5ddf
Fixed
9c21fc4cebd44dd21016c61261a683af390343f8
Fixed
a556f06338e1d5a85af0e32ecb46e365547f92b9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39853.json"