CVE-2025-37912

In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() As mentioned in the commit baeb705fd6a7 ("ice: always check VF VSI pointer values"), we need to perform a null pointer check on the return value of ice_get_vf_vsi() before using it.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0561f2e374c3732b90e50f0a244791a4308ec67e	Patch
https://git.kernel.org/stable/c/073791e9cfe6e4a11a6d85816ba87b1aa207493e	Patch
https://git.kernel.org/stable/c/425c5f266b2edeee0ce16fedd8466410cdcfcfe3	Patch
https://git.kernel.org/stable/c/a32dcc3b8293600ddc4024731b4d027d4de061a4	Patch
https://git.kernel.org/stable/c/eae60cfe25d022d7f0321dba4cc23ad8e87ade48	Patch
https://git.kernel.org/stable/c/f68237982dc012230550f4ecf7ce286a9c37ddc9	Patch
https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html	Mailing List

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc4::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

17 Nov 2025, 18:11

Type	Values Removed	Values Added
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/0561f2e374c3732b90e50f0a244791a4308ec67e -~~	() https://git.kernel.org/stable/c/0561f2e374c3732b90e50f0a244791a4308ec67e - Patch
References	~~() https://git.kernel.org/stable/c/073791e9cfe6e4a11a6d85816ba87b1aa207493e -~~	() https://git.kernel.org/stable/c/073791e9cfe6e4a11a6d85816ba87b1aa207493e - Patch
References	~~() https://git.kernel.org/stable/c/425c5f266b2edeee0ce16fedd8466410cdcfcfe3 -~~	() https://git.kernel.org/stable/c/425c5f266b2edeee0ce16fedd8466410cdcfcfe3 - Patch
References	~~() https://git.kernel.org/stable/c/a32dcc3b8293600ddc4024731b4d027d4de061a4 -~~	() https://git.kernel.org/stable/c/a32dcc3b8293600ddc4024731b4d027d4de061a4 - Patch
References	~~() https://git.kernel.org/stable/c/eae60cfe25d022d7f0321dba4cc23ad8e87ade48 -~~	() https://git.kernel.org/stable/c/eae60cfe25d022d7f0321dba4cc23ad8e87ade48 - Patch
References	~~() https://git.kernel.org/stable/c/f68237982dc012230550f4ecf7ce286a9c37ddc9 -~~	() https://git.kernel.org/stable/c/f68237982dc012230550f4ecf7ce286a9c37ddc9 - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html -~~	() https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html - Mailing List
CPE		cpe:2.3:o:linux:linux_kernel:6.15:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc4:::::: cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
First Time		Linux linux Kernel Debian Debian debian Linux Linux

03 Nov 2025, 20:18

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html -

Information

Published : 2025-05-20 16:15

Updated : 2025-11-17 18:11

NVD link : CVE-2025-37912

Mitre link : CVE-2025-37912

CVE.ORG link : CVE-2025-37912

JSON object : View

Products Affected

linux

linux_kernel

debian

debian_linux

CWE

CWE-476

NULL Pointer Dereference

5.5 /10