CVE-2025-38122

Summary

In the Linux kernel, the following vulnerability has been resolved:

gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO

gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer.

Add a missing NULL check to prevent a potential NULL pointer dereference when allocation fails.

This improves robustness in low-memory scenarios.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa57e5de476be0b4b7f42beb6a21c19ad9c577aa3 < ae98a1787fdcb0096d122bc80d93c3c7d812c04baffected
LinuxLinuxa57e5de476be0b4b7f42beb6a21c19ad9c577aa3 < 2e5ead9e4e91fbe7799bd38afd8904543be1cb51affected
LinuxLinuxa57e5de476be0b4b7f42beb6a21c19ad9c577aa3 < 7f6265fce3bd424ded666481b37f106d7915fb6baffected
LinuxLinuxa57e5de476be0b4b7f42beb6a21c19ad9c577aa3 < a0319c9b1648a67511e947a596ca86888451c0a7affected
LinuxLinuxa57e5de476be0b4b7f42beb6a21c19ad9c577aa3 < c741a7ef68023ac800054e2131c3e22e647fd7e3affected
LinuxLinuxa57e5de476be0b4b7f42beb6a21c19ad9c577aa3 < 12c331b29c7397ac3b03584e12902990693bc248affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.186 <= 5.15.*unaffected
LinuxLinux6.1.142 <= 6.1.*unaffected
LinuxLinux6.6.94 <= 6.6.*unaffected
LinuxLinux6.12.34 <= 6.12.*unaffected
LinuxLinux6.15.3 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References