CVE-2025-39858
📋 TL;DR
A NULL pointer dereference vulnerability exists in the mlx4 Ethernet driver in the Linux kernel. The page_pool_create() function reports failure by returning an error pointer, but the code checks the result for NULL instead of using IS_ERR(). An error pointer is not NULL, so the failure passes the check and the invalid pointer is used later. This could cause kernel crashes or instability on systems using Mellanox network hardware.
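The bug class described above, modelled in userspace C as an added example (this is not the mlx4 driver's code). `struct pool`, `pool_create()` and the two `ring_setup_*` functions are hypothetical stand-ins, and `ERR_PTR`/`PTR_ERR`/`IS_ERR` are re-implemented here to mirror the kernel convention.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model of the kernel's error-pointer helpers (include/linux/err.h). */
#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)err; }
static long PTR_ERR(const void *p) { return (long)p; }
static int IS_ERR(const void *p) { return (unsigned long)p >= (unsigned long)-MAX_ERRNO; }

struct pool { int size; };  /* hypothetical stand-in for struct page_pool */
/* Stand-in for page_pool_create(): reports failure as ERR_PTR(), never NULL. */
static struct pool *pool_create(int size)
{
    struct pool *p;
    if (size <= 0)
        return ERR_PTR(-EINVAL);
    p = malloc(sizeof(*p));
    if (!p)
        return ERR_PTR(-ENOMEM);
    p->size = size;
    return p;
}

/* Pre-fix pattern: the NULL test lets an error pointer through as success. */
static int ring_setup_null_check(int size, struct pool **out)
{
    *out = pool_create(size);
    return *out ? 0 : -ENOMEM;  /* a caller would later dereference *out */
}

/* Fixed pattern: IS_ERR() catches the failure, PTR_ERR() propagates the errno. */
static int ring_setup_is_err(int size, struct pool **out)
{
    struct pool *p = pool_create(size);
    if (IS_ERR(p))
        return (int)PTR_ERR(p);
    *out = p;
    return 0;
}

int main(void)
{
    struct pool *a = NULL, *b = NULL;
    int rc_a = ring_setup_null_check(0, &a);  /* size 0: constructed failing input */
    int rc_b = ring_setup_is_err(0, &b);
    printf("NULL check rc=%d stored_err=%d; IS_ERR check rc=%d\n", rc_a, IS_ERR(a), rc_b);
    return 0;
}
```

With the NULL test the setup reports success while holding an error pointer; with IS_ERR() the same failure is returned to the caller as an errno and nothing is stored.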
💻 Affected Systems
- Linux kernel with mlx4 Ethernet driver enabled
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially disrupting network connectivity and system availability.
Likely Case
System instability or crash when the mlx4 driver encounters specific error conditions during network interface initialization.
If Mitigated
Minor performance impact or driver initialization failure without system crash if error handling catches the issue.
🎯 Exploit Status
Requires ability to trigger specific error conditions in the mlx4 driver, likely needing local access or control over hardware initialization.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits 7b77d8841a98a9f45c8a615222c698df8dec581c and e580beaf43d563aaf457f1c7f934002355ebfe7b
Vendor Advisory: https://git.kernel.org/stable/c/7b77d8841a98a9f45c8a615222c698df8dec581c
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix commits.
2. For distributions: use the package manager (apt/yum/dnf) to update the kernel package.
3. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable mlx4 driver
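Linux: Prevent loading of the vulnerable driver module. Unloading mlx4_en removes the Ethernet interfaces it provides, so run these commands from a session that does not depend on them.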
echo 'blacklist mlx4_en' >> /etc/modprobe.d/blacklist.conf
rmmod mlx4_en
🧯 If You Can't Patch
- Ensure proper hardware configuration to minimize driver error conditions
- Implement monitoring for kernel panics or system instability related to network interfaces
🔍 How to Verify
Check if Vulnerable:
Check if mlx4 driver is loaded: lsmod | grep mlx4_en. Check kernel version against patched versions.
Check Version:
uname -r
Verify Fix Applied:
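Verify kernel version includes fix commits: grep -r 'mlx4_en_create_rx_ring' /proc/kallsyms or check kernel source. The kallsyms lookup only shows that the function is present in the running kernel, not whether it is patched, so confirm the fix commits against the kernel source or the distribution's kernel changelog.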
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- Oops messages in dmesg
- Network interface initialization failures
Network Indicators:
- Sudden loss of network connectivity on affected interfaces
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "mlx4")