CVE-2025-39876

In the Linux kernel, the following vulnerability has been resolved:

net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()

The function of_phy_find_device may return NULL, so we need to take
care before dereferencing phy_dev.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
vulnerable
bullseye (security)
vulnerable
bookworm
vulnerable
bookworm (security)
6.1.153-1
fixed
trixie
vulnerable
trixie (security)
6.12.48-1
fixed
forky
vulnerable
sid
6.16.8-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/03e79de4608bdd48ad6eec272e196124cefaf798
https://git.kernel.org/stable/c/4fe53aaa4271a72fe5fe3e88a45ce01646b68dc5
https://git.kernel.org/stable/c/5f1bb554a131e59b28482abad21f691390651752
https://git.kernel.org/stable/c/eb148d85e126c47d65be34f2a465d69432ca5541
https://git.kernel.org/stable/c/fe78891f296ac05bf4e5295c9829ef822f3c32e7