5.5

CVE-2025-37912

ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()

In the Linux kernel, the following vulnerability has been resolved:

ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()

As mentioned in the commit baeb705fd6a7 ("ice: always check VF VSI
pointer values"), we need to perform a null pointer check on the return
value of ice_get_vf_vsi() before using it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.172 < 5.15.182
LinuxLinux Kernel Version >= 6.1.103 < 6.1.138
LinuxLinux Kernel Version >= 6.6.44 < 6.6.90
LinuxLinux Kernel Version >= 6.10.3 < 6.12.28
LinuxLinux Kernel Version >= 6.13 < 6.14.6
LinuxLinux Kernel Version6.15 Updaterc1
LinuxLinux Kernel Version6.15 Updaterc2
LinuxLinux Kernel Version6.15 Updaterc3
LinuxLinux Kernel Version6.15 Updaterc4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.055
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/a32dcc3b8293600ddc4024731b4d027d4de061a4
Patch
https://git.kernel.org/stable/c/0561f2e374c3732b90e50f0a244791a4308ec67e
Patch
https://git.kernel.org/stable/c/eae60cfe25d022d7f0321dba4cc23ad8e87ade48
Patch
https://git.kernel.org/stable/c/073791e9cfe6e4a11a6d85816ba87b1aa207493e
Patch
https://git.kernel.org/stable/c/f68237982dc012230550f4ecf7ce286a9c37ddc9
Patch
https://git.kernel.org/stable/c/425c5f266b2edeee0ce16fedd8466410cdcfcfe3
Patch
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html
Mailing List