CVE-2025-37755

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: libwx: handle page_pool_dev_alloc_pages error

page_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page) but it would still proceed to use the NULL pointer and then crash.

This is similar to commit 001ba0902046 ("net: fec: handle page_pool_dev_alloc_pages error").

This is found by our static analysis tool KNighter.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < c17ef974bfcf1a50818168b47c4606b425a957c4affected
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < ad81d666e114ebf989fc9994d4c93d451dc60056affected
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < 1dd13c60348f515acd8c6f25a561b9c4e3b04feaaffected
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < 90bec7cef8805f9a23145e070dff28a02bb584ebaffected
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < 7f1ff1b38a7c8b872382b796023419d87d78c47eaffected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.6.88 <= 6.6.*unaffected
LinuxLinux6.12.24 <= 6.12.*unaffected
LinuxLinux6.13.12 <= 6.13.*unaffected
LinuxLinux6.14.3 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References