VYPR
Medium severity5.5NVD Advisory· Published Sep 5, 2025· Updated Jun 17, 2026

CVE-2025-39699

CVE-2025-39699

Description

In the Linux kernel, the following vulnerability has been resolved:

iommu/riscv: prevent NULL deref in iova_to_phys

The riscv_iommu_pte_fetch() function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that requires no further validation.

riscv_iommu_iova_to_phys() failed to handle NULL returns. Prevent null pointer dereference in riscv_iommu_iova_to_phys(), and remove the pte validation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.