Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2025-39708

Published: Sep 05, 2025 | Modified: Sep 05, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
5.5 MODERATE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ubuntu
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2025-39708
CWEhttps://cwe.mitre.org/data/definitions/.html

In the Linux kernel, the following vulnerability has been resolved:

media: iris: Fix NULL pointer dereference

A warning reported by smatch indicated a possible null pointer dereference where one of the arguments to API iris_hfi_gen2_handle_system_error could sometimes be null.

To fix this, add a check to validate that the argument passed is not null before accessing its members.

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use