5.5

CVE-2025-38645

net/mlx5: Check device memory pointer before usage

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Check device memory pointer before usage

Add a NULL check before accessing device memory to prevent a crash if
dev->dm allocation in mlx5_init_once() fails.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.1.148
LinuxLinux Kernel Version >= 6.2 < 6.6.102
LinuxLinux Kernel Version >= 6.7 < 6.12.42
LinuxLinux Kernel Version >= 6.13 < 6.15.10
LinuxLinux Kernel Version >= 6.16 < 6.16.1
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/eebb225fe6c9103293807b8edabcbad59f9589bc
Patch
https://git.kernel.org/stable/c/62d7cf455c887941ed6f105cd430ba04ee0b6c9f
Patch
https://git.kernel.org/stable/c/4249f1307932f1b6bbb8b7eba60d82f0b7e44430
Patch
https://git.kernel.org/stable/c/3046b011d368162b1b9ca9453eee0fea930e0a93
Patch
https://git.kernel.org/stable/c/da899a1fd7c40e2e4302af1db7d0b8540fb22283
Patch
https://git.kernel.org/stable/c/70f238c902b8c0461ae6fbb8d1a0bbddc4350eea
Patch
https://git.kernel.org/stable/c/9053a69abfb5680c2a95292b96df5d204bc0776f
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory