{"id":"CVE-2025-39814","summary":"ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset\n\nIssuing a reset when the driver is loaded without RDMA support, will\nresults in a crash as it attempts to remove RDMA's non-existent auxbus\ndevice:\necho 1 \u003e /sys/class/net/\u003cif\u003e/device/reset\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n...\nRIP: 0010:ice_unplug_aux_dev+0x29/0x70 [ice]\n...\nCall Trace:\n\u003cTASK\u003e\nice_prepare_for_reset+0x77/0x260 [ice]\npci_dev_save_and_disable+0x2c/0x70\npci_reset_function+0x88/0x130\nreset_store+0x5a/0xa0\nkernfs_fop_write_iter+0x15e/0x210\nvfs_write+0x273/0x520\nksys_write+0x6b/0xe0\ndo_syscall_64+0x79/0x3b0\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nice_unplug_aux_dev() checks pf-\u003ecdev_info-\u003eadev for NULL pointer, but\npf-\u003ecdev_info will also be NULL, leading to the deref in the trace above.\n\nIntroduce a flag to be set when the creation of the auxbus device is\nsuccessful, to avoid multiple NULL pointer checks in ice_unplug_aux_dev().","modified":"2026-04-02T12:48:10.022682Z","published":"2025-09-16T13:00:15.552Z","related":["SUSE-SU-2026:20555-1","SUSE-SU-2026:20599-1","SUSE-SU-2026:20615-1","openSUSE-SU-2026:20287-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39814.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/60dfe2434eed13082f26eb7409665dfafb38fa51"},{"type":"WEB","url":"https://git.kernel.org/stable/c/db783756a7d7cfaea039411971d0dc0a374e85cb"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39814.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39814"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c24a65b6a27c78d8540409800886b6622ea86ebf"},{"fixed":"db783756a7d7cfaea039411971d0dc0a374e85cb"},{"fixed":"60dfe2434eed13082f26eb7409665dfafb38fa51"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-39814.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}