{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-38122", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.986Z", "datePublished": "2025-07-03T08:35:28.582Z", "dateUpdated": "2025-11-03T17:34:22.190Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-28T04:12:42.700Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: add missing NULL check for gve_alloc_pending_packet() in TX DQO\n\ngve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo()\ndid not check for this case before dereferencing the returned pointer.\n\nAdd a missing NULL check to prevent a potential NULL pointer\ndereference when allocation fails.\n\nThis improves robustness in low-memory scenarios."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/google/gve/gve_tx_dqo.c"], "versions": [{"version": "a57e5de476be0b4b7f42beb6a21c19ad9c577aa3", "lessThan": "ae98a1787fdcb0096d122bc80d93c3c7d812c04b", "status": "affected", "versionType": "git"}, {"version": "a57e5de476be0b4b7f42beb6a21c19ad9c577aa3", "lessThan": "2e5ead9e4e91fbe7799bd38afd8904543be1cb51", "status": "affected", "versionType": "git"}, {"version": "a57e5de476be0b4b7f42beb6a21c19ad9c577aa3", "lessThan": "7f6265fce3bd424ded666481b37f106d7915fb6b", "status": "affected", "versionType": "git"}, {"version": "a57e5de476be0b4b7f42beb6a21c19ad9c577aa3", "lessThan": "a0319c9b1648a67511e947a596ca86888451c0a7", "status": "affected", "versionType": "git"}, {"version": "a57e5de476be0b4b7f42beb6a21c19ad9c577aa3", "lessThan": "c741a7ef68023ac800054e2131c3e22e647fd7e3", "status": "affected", "versionType": "git"}, {"version": "a57e5de476be0b4b7f42beb6a21c19ad9c577aa3", "lessThan": "12c331b29c7397ac3b03584e12902990693bc248", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/google/gve/gve_tx_dqo.c"], "versions": [{"version": "5.14", "status": "affected"}, {"version": "0", "lessThan": "5.14", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.186", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.142", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.94", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.34", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.3", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "5.15.186"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "6.1.142"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "6.6.94"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "6.12.34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "6.15.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "6.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/ae98a1787fdcb0096d122bc80d93c3c7d812c04b"}, {"url": "https://git.kernel.org/stable/c/2e5ead9e4e91fbe7799bd38afd8904543be1cb51"}, {"url": "https://git.kernel.org/stable/c/7f6265fce3bd424ded666481b37f106d7915fb6b"}, {"url": "https://git.kernel.org/stable/c/a0319c9b1648a67511e947a596ca86888451c0a7"}, {"url": "https://git.kernel.org/stable/c/c741a7ef68023ac800054e2131c3e22e647fd7e3"}, {"url": "https://git.kernel.org/stable/c/12c331b29c7397ac3b03584e12902990693bc248"}], "title": "gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T17:34:22.190Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6185872-F0B8-4C2E-B711-0AB869BE6591", "versionEndExcluding": "5.15.186", "versionStartIncluding": "5.14", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "459B4E94-FE0E-434D-B782-95E3A5FFC6B1", "versionEndExcluding": "6.1.142", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "304E3F01-7D7A-4908-994E-7F95C5C00B06", "versionEndExcluding": "6.6.94", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FFA54AA-CDFE-4591-BD07-72813D0948F4", "versionEndExcluding": "6.12.34", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0541C761-BD5E-4C1A-8432-83B375D7EB92", "versionEndExcluding": "6.15.3", "versionStartIncluding": "6.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: add missing NULL check for gve_alloc_pending_packet() in TX DQO\n\ngve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo()\ndid not check for this case before dereferencing the returned pointer.\n\nAdd a missing NULL check to prevent a potential NULL pointer\ndereference when allocation fails.\n\nThis improves robustness in low-memory scenarios."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gve: se ha a\u00f1adido la comprobaci\u00f3n de valores nulos (NULL) faltante para gve_alloc_pending_packet() en TX DQO. gve_alloc_pending_packet() puede devolver valores nulos (NULL), pero gve_tx_add_skb_dqo() no los comprobaba antes de desreferenciar el puntero devuelto. Se ha a\u00f1adido una comprobaci\u00f3n de valores nulos (NULL) faltante para evitar una posible desreferencia de punteros nulos cuando falla la asignaci\u00f3n. Esto mejora la robustez en escenarios con poca memoria."}], "id": "CVE-2025-38122", "lastModified": "2025-12-17T18:11:35.853", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-07-03T09:15:26.297", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/12c331b29c7397ac3b03584e12902990693bc248"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2e5ead9e4e91fbe7799bd38afd8904543be1cb51"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7f6265fce3bd424ded666481b37f106d7915fb6b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a0319c9b1648a67511e947a596ca86888451c0a7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ae98a1787fdcb0096d122bc80d93c3c7d812c04b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c741a7ef68023ac800054e2131c3e22e647fd7e3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO", "id": "2376037", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376037"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ngve: add missing NULL check for gve_alloc_pending_packet() in TX DQO\ngve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo()\ndid not check for this case before dereferencing the returned pointer.\nAdd a missing NULL check to prevent a potential NULL pointer\ndereference when allocation fails.\nThis improves robustness in low-memory scenarios."], "name": "CVE-2025-38122", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38122\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38122\nhttps://lore.kernel.org/linux-cve-announce/2025070327-CVE-2025-38122-cd8d@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-06T22:16:22.587581+00:00", "updated": "2025-07-06T22:16:22.587627+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}