CVE-2025-39772

MEDIUM

Linux Kernel 4.14-6.16.3 - NULL Pointer Dereference in hibmc Driver

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmc_unload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto statement to return, because hibnc_hw_init() doesn't need to free anything.

References (8)

Core 8

Core References

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Patch

https://git.kernel.org/stable/c/ddf1691f25345699296e642f0f59f2d464722fa3

Patch

https://git.kernel.org/stable/c/c950e1be3a24d021475b56efdb49daa7fbba63a9

Patch

https://git.kernel.org/stable/c/f93032e5d68f459601c701f6ab087b5feb3382e8

Patch

https://git.kernel.org/stable/c/a4f1b9c57092c48bdc7958abd23403ccaed437b2

Patch

https://git.kernel.org/stable/c/d3e774266c28aefab3e9db334fdf568f936cae04

Patch

https://git.kernel.org/stable/c/93a08f856fcc5aaeeecad01f71bef3088588216a

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-032379.html

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 5.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (22)

debian/debian_linux 11.0

linux/Kernel 4.14.0 - 5.15.190linux

linux/Kernel 5.16.0 - 6.1.149linux

linux/Kernel 6.13.0 - 6.16.4linux

linux/Kernel 6.2.0 - 6.6.103linux

linux/Kernel 6.7.0 - 6.12.44linux

Linux/Linux < 4.14

Linux/Linux 4.14

Linux/Linux 5.15.190 - 5.15.*

Linux/Linux 6.1.149 - 6.1.*

... and 12 more

Published Sep 11, 2025

Tracked Since Feb 18, 2026