CVE-2025-37974
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-37974
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37974.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37974
- Downstream
- Related
- Published
- 2025-05-20T16:47:19.676Z
- Modified
- 2025-11-28T02:35:24.895027Z
- Summary
- s390/pci: Fix missing check for zpci_create_device() error return
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
s390/pci: Fix missing check for zpcicreatedevice() error return
The zpcicreatedevice() function returns an error pointer that needs to be checked before dereferencing it as a struct zpcidev pointer. Add the missing check in _clpadd() where it was missed when adding the scanlist in the fixed commit. Simply not adding the device to the scan list results in the previous behavior.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37974.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/2769b718e164df983c20c314b263a71a699be6cd
- https://git.kernel.org/stable/c/42420c50c68f3e95e90de2479464f420602229fc
- https://git.kernel.org/stable/c/be54b750c333a9db7c3b3686846bb06b07b011fe
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37974.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-37974
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1f3b309108fd0660ea8614a72328ba866ccd3378Fixedbe54b750c333a9db7c3b3686846bb06b07b011fe
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0467cdde8c4320bbfdb31a8cff1277b202f677fcFixed2769b718e164df983c20c314b263a71a699be6cdFixed42420c50c68f3e95e90de2479464f420602229fc