CVE-2025-39897

Published: Oct 1, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaengine_desc_get_metadata_ptr() which can return an error pointer and lead to potential crashes or undefined behaviour if the pointer retrieval fails. Properly handle the error by unmapping DMA buffer, freeing the skb and returning early to prevent further processing with invalid data.

Vendor	Product	Versions
Linux	Linux	affected `6a91b846af85a24241decd686269e8e038eb13d1 - < d0ecda6fdd840b406df6617b003b036f65dd8926` affected `6a91b846af85a24241decd686269e8e038eb13d1 - < 92e2fc92bc4eb2bc0e84404316fbc02ddd0a3196` affected `6a91b846af85a24241decd686269e8e038eb13d1 - < 8bbceba7dc5090c00105e006ce28d1292cfda8dd`
Linux	Linux	affected `6.8` unaffected `0 - < 6.8` unaffected `6.12.46 - <= 6.12.` unaffected `6.16.6 - <= 6.16.` unaffected `6.17 - <= *`

References

https://git.kernel.org/stable/c/d0ecda6fdd840b406df6617b003b036f65dd8926

https://git.kernel.org/stable/c/92e2fc92bc4eb2bc0e84404316fbc02ddd0a3196

https://git.kernel.org/stable/c/8bbceba7dc5090c00105e006ce28d1292cfda8dd

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39897

Description

Affected Products

References