-

CVE-2025-40053

EPSS 0.06%
Veröffentlicht 28.10.2025 11:48:28
Zuletzt bearbeitet 30.10.2025 15:05:32
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: dlink: handle copy_thresh allocation failure

The driver did not handle failure of `netdev_alloc_skb_ip_align()`.
If the allocation failed, dereferencing `skb->protocol` could lead to
a NULL pointer dereference.

This patch tries to allocate `skb`. If the allocation fails, it falls
back to the normal path.

Tested-on: D-Link DGE-550T Rev-A3

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 84fd710a704f3d53d4120e452e86cea558cf73a8

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 5aa9b885602811a026a3f45c92ea2b4b04c54f09

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 9d49e4b14609e1a20d931e718962c4b6b5485174

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < ea87151df398d407a632c7bf63013290f01c5009

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 7ed5010fef0930f4322d620052edc854ef3ec41f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < fd7b6b2c920d7fd370a612be416a904d6e1ebe55

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 8169a6011c5fecc6cb1c3654c541c567d3318de8

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.12

Status affected

Version < 2.6.12

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.246

Status unaffected

Version <= 5.15.*

Version 5.15.195

Status unaffected

Version <= 6.1.*

Version 6.1.156

Status unaffected

Version <= 6.6.*

Version 6.6.112

Status unaffected

Version <= 6.12.*

Version 6.12.53

Status unaffected

Version <= 6.17.*

Version 6.17.3

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.188

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5aa9b885602811a026a3f45c92ea2b4b04c54f09

https://git.kernel.org/stable/c/9d49e4b14609e1a20d931e718962c4b6b5485174

https://git.kernel.org/stable/c/ea87151df398d407a632c7bf63013290f01c5009

https://git.kernel.org/stable/c/7ed5010fef0930f4322d620052edc854ef3ec41f

https://git.kernel.org/stable/c/fd7b6b2c920d7fd370a612be416a904d6e1ebe55

https://git.kernel.org/stable/c/8169a6011c5fecc6cb1c3654c541c567d3318de8

https://git.kernel.org/stable/c/84fd710a704f3d53d4120e452e86cea558cf73a8

https://nvd.nist.gov/vuln/detail/CVE-2025-40053

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40053

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40053

EUVD