VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 4, 2025· Updated Apr 15, 2026

CVE-2025-40239

CVE-2025-40239

Description

In the Linux kernel, the following vulnerability has been resolved:

net: phy: micrel: always set shared->phydev for LAN8814

Currently, during the LAN8814 PTP probe shared->phydev is only set if PTP clock gets actually set, otherwise the function will return before setting it.

This is an issue as shared->phydev is unconditionally being used when IRQ is being handled, especially in lan8814_gpio_process_cap and since it was not set it will cause a NULL pointer exception and crash the kernel.

So, simply always set shared->phydev to avoid the NULL pointer exception.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel's micrel PHY driver, shared->phydev is not always set, leading to a NULL pointer dereference in the IRQ handler on LAN8814.

Vulnerability

Analysis

Root Cause: In the LAN8814 PTP probe function within the Linux kernel's micrel PHY driver, the shared->phydev pointer is only set if the PTP clock initialization succeeds. If the PTP clock setup fails, the function returns early without assigning shared->phydev. This missing assignment leaves the pointer as NULL.

Exploitation: The vulnerability manifests during interrupt handling. When an IRQ occurs, the handler calls lan8814_gpio_process_cap, which unconditionally dereferences shared->phydev. If the pointer is NULL, this dereference causes a NULL pointer exception, leading to a kernel crash. An attacker with the ability to trigger an interrupt on the affected hardware (e.g., via network packets or PHY events) could cause a denial-of-service condition.

Impact: Successful exploitation results in a kernel crash (system panic), effectively causing a denial of service (DoS). The vulnerability does not require authentication or special privileges beyond having the affected hardware present and being able to generate PHY interrupts. No remote code execution or privilege escalation is implied by the description.

Mitigation: The fix is a one-line change to always set shared->phydev regardless of PTP clock setup outcome. The commit is applied to the stable kernel tree [1]. Users should update to a kernel version containing this commit. No workaround is mentioned; the issue is resolved by the patch.

References
  1. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

Patches

3
da1ef8e9eb5d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
b093b06826b8
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
399d10934740
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.