Description

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevent NULL deref in iova_to_phys The riscv_iommu_pte_fetch() function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that requires no further validation. riscv_iommu_iova_to_phys() failed to handle NULL returns. Prevent null pointer dereference in riscv_iommu_iova_to_phys(), and remove the pte validation.

INFO

Published Date :

2025-09-05T17:21:05.379Z

Last Modified :

2025-09-05T17:21:05.379Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-39699 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-39699.

URL Resource
https://git.kernel.org/stable/c/220c491490255b656672bb572b18460cd9155926 cve-icon cve-icon
https://git.kernel.org/stable/c/99d4d1a070870aa08163af8ce0522992b7f35d8c cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025090548-CVE-2025-39699-4d8c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-39699 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-39699 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact