-

CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved:

fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt()

fpga_mgr_test_img_load_sgt() allocates memory for sgt using
kunit_kzalloc() however it does not check if the allocation failed.
It then passes sgt to sg_alloc_table(), which passes it to
__sg_alloc_table(). This function calls memset() on sgt in an attempt to
zero it out. If the allocation fails then sgt will be NULL and the
memset will trigger a NULL pointer dereference.

Fix this by checking the allocation with KUNIT_ASSERT_NOT_ERR_OR_NULL().

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < e69e2cfd8b38d9463a250e153ef4963a604d61e9
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
Version < 8b2230ac7ff0aeb2441132df638a82ab124f8624
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
Version < eb4c74eaa6e2d15f3bbd32941c9d2a25b29a718d
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
Version < 6ebf1982038af12f3588417e4fd0417d2551da28
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 6.6
Status affected
Version < 6.6
Version 0
Status unaffected
Version <= 6.6.*
Version 6.6.94
Status unaffected
Version <= 6.12.*
Version 6.12.34
Status unaffected
Version <= 6.15.*
Version 6.15.3
Status unaffected
Version <= *
Version 6.16
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.058
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String