CVE-2025-37860
- Source
- https://cve.org/CVERecord?id=CVE-2025-37860
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37860.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37860
- Downstream
- Related
- Published
- 2025-04-18T07:01:28.132Z
- Modified
- 2026-03-20T12:42:31.452448Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- sfc: fix NULL dereferences in ef100_process_design_param()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
sfc: fix NULL dereferences in ef100processdesign_param()
Since cited commit, ef100probemain() and hence also ef100checkdesignparams() run before efx->netdev is created; consequently, we cannot netifsettsomaxsize() or segs() at this point. Move those netif calls to ef100probenetdev(), and also replace netiferr within the design params code with pci_err.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37860.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/8241ecec1cdc6699ae197d52d58e76bddd995fa5
- https://git.kernel.org/stable/c/e56391011381d6d029da377a65ac314cb3d5def2
- https://git.kernel.org/stable/c/f21623b8446735b5e2ac5f8ee69b8743177d7b19
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37860.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-37860
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git