VYPR
Unrated severityNVD Advisory· Published Jul 12, 2024· Updated Nov 3, 2025

gve: Clear napi->skb before dev_kfree_skb_any()

CVE-2024-40937

Description

In the Linux kernel, the following vulnerability has been resolved:

gve: Clear napi->skb before dev_kfree_skb_any()

gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags returning a dangling pointer.

Fix this by clearing napi->skb before the skb is freed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

246

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.