5.5

CVE-2025-38526

ice: add NULL check in eswitch lag check

In the Linux kernel, the following vulnerability has been resolved:

ice: add NULL check in eswitch lag check

The function ice_lag_is_switchdev_running() is being called from outside of
the LAG event handler code.  This results in the lag->upper_netdev being
NULL sometimes.  To avoid a NULL-pointer dereference, there needs to be a
check before it is dereferenced.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.6.1 < 6.6.100
LinuxLinux Kernel Version >= 6.7 < 6.12.40
LinuxLinux Kernel Version >= 6.13 < 6.15.8
LinuxLinux Kernel Version6.6 Update-
LinuxLinux Kernel Version6.6 Updaterc6
LinuxLinux Kernel Version6.6 Updaterc7
LinuxLinux Kernel Version6.16 Updaterc1
LinuxLinux Kernel Version6.16 Updaterc2
LinuxLinux Kernel Version6.16 Updaterc3
LinuxLinux Kernel Version6.16 Updaterc4
LinuxLinux Kernel Version6.16 Updaterc5
LinuxLinux Kernel Version6.16 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.041
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/27591d926191e42b2332e4bad3bcd3a49def393b
Patch
https://git.kernel.org/stable/c/5a5d64f0eec82076b2c09fee2195d640cfbe3379
Patch
https://git.kernel.org/stable/c/245917d3c5ed7c6ae720302b64eac5c6f0c85177
Patch
https://git.kernel.org/stable/c/3ce58b01ada408b372f15b7c992ed0519840e3cf
Patch