CVE-2025-39960

Published: Oct 9, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: initialize acpi_gpio_info struct Since commit 7c010d463372 ("gpiolib: acpi: Make sure we fill struct acpi_gpio_info"), uninitialized acpi_gpio_info struct are passed to __acpi_find_gpio() and later in the call stack info->quirks is used in acpi_populate_gpio_lookup. This breaks the i2c_hid_cpi driver: [ 58.122916] i2c_hid_acpi i2c-UNIW0001:00: HID over i2c has not been provided an Int IRQ [ 58.123097] i2c_hid_acpi i2c-UNIW0001:00: probe with driver i2c_hid_acpi failed with error -22 Fix this by initializing the acpi_gpio_info pass to __acpi_find_gpio()

Vendor	Product	Versions
Linux	Linux	affected `7c010d463372140006bf96985a306d6cbfc6e118 - < 27d94a2a52cbb54927c0140bd5b978c56e9a283a` affected `7c010d463372140006bf96985a306d6cbfc6e118 - < 19c839a98c731169f06d32e7c9e00c78a0086ebe`
Linux	Linux	affected `6.16` unaffected `0 - < 6.16` unaffected `6.16.9 - <= 6.16.` unaffected `6.17 - <= `

References

https://git.kernel.org/stable/c/27d94a2a52cbb54927c0140bd5b978c56e9a283a

https://git.kernel.org/stable/c/19c839a98c731169f06d32e7c9e00c78a0086ebe

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39960

Description

Affected Products

References