In the Linux kernel, the following vulnerability has been resolved:

drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ

If the interrupt occurs before resource initialization is complete, the
interrupt handler/worker may access uninitialized data such as the I2C
tcpc_client device, potentially leading to NULL pointer dereference.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00053.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories
Source ID Title
Debian DLA Debian DLA DLA-4379-1 linux-6.1 security update
Debian DSA Debian DSA DSA-6053-1 linux security update
EUVD EUVD EUVD-2025-32386 In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C tcpc_client device, potentially leading to NULL pointer dereference.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/0da73f7827691a5e2265b110d5fe12f29535ec92 cve-icon cve-icon
https://git.kernel.org/stable/c/15a77e1ab0a994d69b471c76b8d01117128dda26 cve-icon cve-icon
https://git.kernel.org/stable/c/1a7ea294d57fb61485d11b3f2241d631d73025cb cve-icon cve-icon
https://git.kernel.org/stable/c/51a501e990a353a4f15da6bab295b28e5d118f64 cve-icon cve-icon
https://git.kernel.org/stable/c/a10f910c77f280327b481e77eab909934ec508f0 cve-icon cve-icon
https://git.kernel.org/stable/c/f9a089d0a6d537d0f2061c8a37a7de535ce0310e cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025100417-CVE-2025-39934-4c48@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-39934 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-39934 cve-icon
History

Mon, 06 Oct 2025 22:45:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Mon, 06 Oct 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Vendors & Products Linux
Linux linux Kernel

Sat, 04 Oct 2025 07:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C tcpc_client device, potentially leading to NULL pointer dereference.
Title drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-10-04T07:37:00.467Z

Reserved: 2025-04-16T07:20:57.148Z

Link: CVE-2025-39934

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-10-04T08:15:46.210

Modified: 2025-10-06T14:56:47.823

Link: CVE-2025-39934

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-10-04T00:00:00Z

Links: CVE-2025-39934 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-10-06T14:42:00Z

Weaknesses

No weakness.