Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-37755

In the Linux kernel, the following vulnerability has been resolved: net: libwx: handle page_pool_dev_alloc_pages error page_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page) but it would still proceed to use the NULL pointer and then crash. This is similar to commit 001ba0902046 ("net: fec: handle page_pool_dev_alloc_pages error"). This is found by our static analysis tool KNighter.

Published

2025-05-01T13:15:54.267

Last Modified

2025-11-06T21:27:09.627

Status

Analyzed

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 6.6.88	Yes
Operating System	linux	linux_kernel	< 6.12.24	Yes
Operating System	linux	linux_kernel	< 6.13.12	Yes
Operating System	linux	linux_kernel	< 6.14.3	Yes
Operating System	linux	linux_kernel	6.15	Yes

References

https://git.kernel.org/stable/c/1dd13c60348f515acd8c6f25a561b9c4e3b04fea Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/7f1ff1b38a7c8b872382b796023419d87d78c47e Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/90bec7cef8805f9a23145e070dff28a02bb584eb Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/ad81d666e114ebf989fc9994d4c93d451dc60056 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/c17ef974bfcf1a50818168b47c4606b425a957c4 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)