5.5
CVE-2025-37755
- EPSS 0.15%
- Veröffentlicht 01.05.2025 12:55:59
- Zuletzt bearbeitet 06.11.2025 21:27:09
- CVE-Watchlists
- Unerledigt
net: libwx: handle page_pool_dev_alloc_pages error
In the Linux kernel, the following vulnerability has been resolved:
net: libwx: handle page_pool_dev_alloc_pages error
page_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)
but it would still proceed to use the NULL pointer and then crash.
This is similar to commit 001ba0902046
("net: fec: handle page_pool_dev_alloc_pages error").
This is found by our static analysis tool KNighter.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.3 < 6.6.88
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.24
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.12
Linux ≫ Linux Kernel Version >= 6.14 < 6.14.3
Linux ≫ Linux Kernel Version6.15 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.05 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/c17ef974bfcf1a50818168b47c4606b425a957c4
https://git.kernel.org/stable/c/ad81d666e114ebf989fc9994d4c93d451dc60056
https://git.kernel.org/stable/c/1dd13c60348f515acd8c6f25a561b9c4e3b04fea
https://git.kernel.org/stable/c/90bec7cef8805f9a23145e070dff28a02bb584eb
https://git.kernel.org/stable/c/7f1ff1b38a7c8b872382b796023419d87d78c47e