CVE-2025-39915 | Linux Kernel up to 6.16.7 phy_config_inband deserialization

October 1, 2025 Yanac

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.16.7. This affects the function phy_config_inband. Executing manipulation can lead to deserialization.

This vulnerability is tracked as CVE-2025-39915. The attack is only possible within the local network. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-39917 | Linux Kernel up to 6.12.47/6.16.7 bpf_crypto_crypt out-of-bounds write
CVE-2025-39914 | Linux Kernel up to 6.1.152/6.6.106/6.12.47/6.16.7 tracing trace_pid_write allocation of resources