{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "c24a65b6a27c78d8540409800886b6622ea86ebf"
            },
            {
              "fixed": "db783756a7d7cfaea039411971d0dc0a374e85cb"
            },
            {
              "fixed": "60dfe2434eed13082f26eb7409665dfafb38fa51"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39814.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset\n\nIssuing a reset when the driver is loaded without RDMA support, will\nresults in a crash as it attempts to remove RDMA's non-existent auxbus\ndevice:\necho 1 \u003e /sys/class/net/\u003cif\u003e/device/reset\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n...\nRIP: 0010:ice_unplug_aux_dev+0x29/0x70 [ice]\n...\nCall Trace:\n\u003cTASK\u003e\nice_prepare_for_reset+0x77/0x260 [ice]\npci_dev_save_and_disable+0x2c/0x70\npci_reset_function+0x88/0x130\nreset_store+0x5a/0xa0\nkernfs_fop_write_iter+0x15e/0x210\nvfs_write+0x273/0x520\nksys_write+0x6b/0xe0\ndo_syscall_64+0x79/0x3b0\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nice_unplug_aux_dev() checks pf-\u003ecdev_info-\u003eadev for NULL pointer, but\npf-\u003ecdev_info will also be NULL, leading to the deref in the trace above.\n\nIntroduce a flag to be set when the creation of the auxbus device is\nsuccessful, to avoid multiple NULL pointer checks in ice_unplug_aux_dev().",
  "id": "CVE-2025-39814",
  "modified": "2026-04-01T23:08:21.101238222Z",
  "published": "2025-09-16T13:00:15.552Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/60dfe2434eed13082f26eb7409665dfafb38fa51"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/db783756a7d7cfaea039411971d0dc0a374e85cb"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39814.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39814"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset"
}