Main Vulnerability Database SB2025100964

SB2025100964 - Improper locking in Linux kernel intel igc driver

Published: October 9, 2025

Security Bulletin ID SB2025100964

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper locking (CVE-ID: CVE-2025-39956)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the igc_probe() and igc_remove() functions in drivers/net/ethernet/intel/igc/igc_main.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/528eb4e19ec0df30d0c9ae4074ce945667dde919
https://git.kernel.org/stable/c/bec504867acc7315de9cd96ef9161fa52a25abe8
https://git.kernel.org/stable/c/f05e82d8553232cef150a6dbb70ed67d162abb2b