CVE-2025-39937
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's rfkill-gpio driver could cause kernel crashes on specific x86 systems with BCM4752 or LNV4752 ACPI devices. This affects Linux systems where the driver attempts to read an uninitialized type_name variable when no 'type' property exists. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System crash or kernel panic on affected hardware when rfkill-gpio driver binds to specific ACPI devices.
If Mitigated
No impact if systems don't have the specific ACPI hardware or if the stack happens to contain NULL at the right location.
🎯 Exploit Status
Exploitation requires local access and specific hardware. The vulnerability is a NULL pointer dereference that's triggered during normal driver initialization.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 184f608a68f96794e8fe58cd5535014d53622cde, 21a39b958b4bcf44f7674bfbbe1bbb8cad0d842d, 21ba85d9d508422ca9e6698463ff9357c928c22d, 47ade5f9d70b23a119ec20b1c6504864b2543a79, 689aee35ce671aab752f159e5c8e66d7685e6887
Vendor Advisory: https://git.kernel.org/stable/c/184f608a68f96794e8fe58cd5535014d53622cde
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix commits. 2. Reboot the system. 3. Verify the kernel version after reboot.
🔧 Temporary Workarounds
Disable rfkill-gpio module
linuxPrevent loading of the vulnerable driver module
echo 'blacklist rfkill-gpio' >> /etc/modprobe.d/blacklist.conf
rmmod rfkill-gpio
Remove hardware triggering
linuxDisable or remove BCM4752/LNV4752 ACPI devices if present
Check ACPI devices: acpidump | grep -i 'BCM4752\|LNV4752'
🧯 If You Can't Patch
- Restrict local access to systems with vulnerable hardware
- Monitor system logs for kernel panic events related to rfkill-gpio
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if rfkill-gpio module is loaded on systems with BCM4752/LNV4752 ACPI devicesCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits and test rfkill-gpio functionality📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- rfkill-gpio driver crash logs
- NULL pointer dereference in kernel logs
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("rfkill-gpio" OR "NULL pointer dereference" OR "kernel panic")🔗 References
- https://git.kernel.org/stable/c/184f608a68f96794e8fe58cd5535014d53622cde
- https://git.kernel.org/stable/c/21a39b958b4bcf44f7674bfbbe1bbb8cad0d842d
- https://git.kernel.org/stable/c/21ba85d9d508422ca9e6698463ff9357c928c22d
- https://git.kernel.org/stable/c/47ade5f9d70b23a119ec20b1c6504864b2543a79
- https://git.kernel.org/stable/c/689aee35ce671aab752f159e5c8e66d7685e6887
- https://git.kernel.org/stable/c/8793e7a8e1b60131a825457174ed6398111daeb7
- https://git.kernel.org/stable/c/ada2282259243387e6b6e89239aeb4897e62f051
- https://git.kernel.org/stable/c/b6f56a44e4c1014b08859dcf04ed246500e310e5
