CVE-2025-38274

Description

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt() fpga_mgr_test_img_load_sgt() allocates memory for sgt using kunit_kzalloc() however it does not check if the allocation failed. It then passes sgt to sg_alloc_table(), which passes it to __sg_alloc_table(). This function calls memset() on sgt in an attempt to zero it out. If the allocation fails then sgt will be NULL and the memset will trigger a NULL pointer dereference. Fix this by checking the allocation with KUNIT_ASSERT_NOT_ERR_OR_NULL().

Reserved 2025-04-16 | Published 2025-07-10 | Updated 2025-07-10 | Assigner Linux

Product status

Default status
unaffected

ccbc1c302115d8125d6a96296ba52702c6de0ade before e69e2cfd8b38d9463a250e153ef4963a604d61e9
affected

ccbc1c302115d8125d6a96296ba52702c6de0ade before 8b2230ac7ff0aeb2441132df638a82ab124f8624
affected

ccbc1c302115d8125d6a96296ba52702c6de0ade before eb4c74eaa6e2d15f3bbd32941c9d2a25b29a718d
affected

ccbc1c302115d8125d6a96296ba52702c6de0ade before 6ebf1982038af12f3588417e4fd0417d2551da28
affected

Default status
affected

6.6
affected

Any version before 6.6
unaffected

6.6.94
unaffected

6.12.34
unaffected

6.15.3
unaffected

6.16-rc1
unaffected

References

git.kernel.org/...c/e69e2cfd8b38d9463a250e153ef4963a604d61e9

git.kernel.org/...c/8b2230ac7ff0aeb2441132df638a82ab124f8624

git.kernel.org/...c/eb4c74eaa6e2d15f3bbd32941c9d2a25b29a718d

git.kernel.org/...c/6ebf1982038af12f3588417e4fd0417d2551da28

cve.org (CVE-2025-38274)

nvd.nist.gov (CVE-2025-38274)

Download JSON