5.5

CVE-2025-37755

net: libwx: handle page_pool_dev_alloc_pages error

In the Linux kernel, the following vulnerability has been resolved:

net: libwx: handle page_pool_dev_alloc_pages error

page_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)
but it would still proceed to use the NULL pointer and then crash.

This is similar to commit 001ba0902046
("net: fec: handle page_pool_dev_alloc_pages error").

This is found by our static analysis tool KNighter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.3 < 6.6.88
LinuxLinux Kernel Version >= 6.7 < 6.12.24
LinuxLinux Kernel Version >= 6.13 < 6.13.12
LinuxLinux Kernel Version >= 6.14 < 6.14.3
LinuxLinux Kernel Version6.15 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.05
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/c17ef974bfcf1a50818168b47c4606b425a957c4
Patch
https://git.kernel.org/stable/c/ad81d666e114ebf989fc9994d4c93d451dc60056
Patch
https://git.kernel.org/stable/c/1dd13c60348f515acd8c6f25a561b9c4e3b04fea
Patch
https://git.kernel.org/stable/c/90bec7cef8805f9a23145e070dff28a02bb584eb
Patch
https://git.kernel.org/stable/c/7f1ff1b38a7c8b872382b796023419d87d78c47e
Patch