5.5

CVE-2025-38251

atm: clip: prevent NULL deref in clip_push()

In the Linux kernel, the following vulnerability has been resolved:

atm: clip: prevent NULL deref in clip_push()

Blamed commit missed that vcc_destroy_socket() calls
clip_push() with a NULL skb.

If clip_devs is NULL, clip_push() then crashes when reading
skb->truesize.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.7.1 < 5.10.240
LinuxLinux Kernel Version >= 5.11 < 5.15.187
LinuxLinux Kernel Version >= 5.16 < 6.1.143
LinuxLinux Kernel Version >= 6.2 < 6.6.96
LinuxLinux Kernel Version >= 6.7 < 6.12.36
LinuxLinux Kernel Version >= 6.13 < 6.15.5
LinuxLinux Kernel Version5.7 Update-
LinuxLinux Kernel Version5.7 Updaterc5
LinuxLinux Kernel Version5.7 Updaterc6
LinuxLinux Kernel Version5.7 Updaterc7
LinuxLinux Kernel Version6.16 Updaterc1
LinuxLinux Kernel Version6.16 Updaterc2
LinuxLinux Kernel Version6.16 Updaterc3
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.042
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/88c88f91f4b3563956bb52e7a71a3640f7ece157
Patch
https://git.kernel.org/stable/c/3c709dce16999bf6a1d2ce377deb5dd6fdd8cb08
Patch
https://git.kernel.org/stable/c/a07005a77b18ae59b8471e7e4d991fa9f642b3c2
Patch
https://git.kernel.org/stable/c/ede31ad949ae0d03cb4c5edd79991586ad7c8bb8
Patch
https://git.kernel.org/stable/c/b993ea46b3b601915ceaaf3c802adf11e7d6bac6
Patch
https://git.kernel.org/stable/c/9199e8cb75f13a1650adcb3c6cad42789c43884e
Patch
https://git.kernel.org/stable/c/41f6420ee845006354c004839fed07da71e34aee
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List