CVE-2025-39846 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()

In __iodyn_find_io_region(), pcmcia_make_resource() is assigned to
res and used in pci_bus_alloc_resource(). There is a dereference of res
in pci_bus_alloc_resource(), which could lead to a NULL pointer
dereference on failure of pcmcia_make_resource().

Fix this bug by adding a check of res.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/2ee32c4c4f636e474cd8ab7c19a68cf36072ea93
https://git.kernel.org/stable/c/44822df89e8f3386871d9cad563ece8e2fd8f0e7
https://git.kernel.org/stable/c/4bd570f494124608a0696da070f00236a96fb610
https://git.kernel.org/stable/c/5ff2826c998370bf7f9ae26fe802140d220e3510
https://git.kernel.org/stable/c/b990c8c6ff50649ad3352507398e443b1e3527b2
https://git.kernel.org/stable/c/ce3b7766276894d2fbb07e2047a171f9deb965de
https://git.kernel.org/stable/c/d7286005e8fde0a430dc180a9f46c088c7d74483
https://git.kernel.org/stable/c/fafa7450075f41d232bc785a4ebcbf16374f2076

History

Fri, 19 Sep 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() In __iodyn_find_io_region(), pcmcia_make_resource() is assigned to res and used in pci_bus_alloc_resource(). There is a dereference of res in pci_bus_alloc_resource(), which could lead to a NULL pointer dereference on failure of pcmcia_make_resource(). Fix this bug by adding a check of res.
Title		pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()
References		https://git.kernel.org/stable/c/2ee32c4c4f636e474cd8ab7c19a68cf36072ea93 https://git.kernel.org/stable/c/44822df89e8f3386871d9cad563ece8e2fd8f0e7 https://git.kernel.org/stable/c/4bd570f494124608a0696da070f00236a96fb610 https://git.kernel.org/stable/c/5ff2826c998370bf7f9ae26fe802140d220e3510 https://git.kernel.org/stable/c/b990c8c6ff50649ad3352507398e443b1e3527b2 https://git.kernel.org/stable/c/ce3b7766276894d2fbb07e2047a171f9deb965de https://git.kernel.org/stable/c/d7286005e8fde0a430dc180a9f46c088c7d74483 https://git.kernel.org/stable/c/fafa7450075f41d232bc785a4ebcbf16374f2076

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-19T15:26:19.932Z

Updated: 2025-09-19T15:26:19.932Z

Reserved: 2025-04-16T07:20:57.141Z

Link: CVE-2025-39846

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-19T16:15:43.397

Modified: 2025-09-19T16:15:43.397

Link: CVE-2025-39846

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object