-

CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved:

fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt()

fpga_mgr_test_img_load_sgt() allocates memory for sgt using
kunit_kzalloc() however it does not check if the allocation failed.
It then passes sgt to sg_alloc_table(), which passes it to
__sg_alloc_table(). This function calls memset() on sgt in an attempt to
zero it out. If the allocation fails then sgt will be NULL and the
memset will trigger a NULL pointer dereference.

Fix this by checking the allocation with KUNIT_ASSERT_NOT_ERR_OR_NULL().

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
Product Linux
Default Statusunaffected
Version < e69e2cfd8b38d9463a250e153ef4963a604d61e9
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
Version < 8b2230ac7ff0aeb2441132df638a82ab124f8624
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
Version < eb4c74eaa6e2d15f3bbd32941c9d2a25b29a718d
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
Version < 6ebf1982038af12f3588417e4fd0417d2551da28
Version ccbc1c302115d8125d6a96296ba52702c6de0ade
Status affected
VendorLinux
Product Linux
Default Statusaffected
Version 6.6
Status affected
Version < 6.6
Version 0
Status unaffected
Version <= 6.6.*
Version 6.6.94
Status unaffected
Version <= 6.12.*
Version 6.12.34
Status unaffected
Version <= 6.15.*
Version 6.15.3
Status unaffected
Version <= *
Version 6.16
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.058
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string