Unrated severityNVD Advisory· Published May 9, 2025· Updated May 26, 2025

net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()

CVE-2025-37888

Description

In the Linux kernel, the following vulnerability has been resolved:

Add NULL check for mlx5_get_flow_namespace() returns in mlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent NULL pointer dereference.

Affected products

Linux/Linux Kernel Rtllm-fuzzy
osv-coords21 versions
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
< 6.4.0-150700.53.6.1+ 20 more
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.20.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1.150700.17.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 1-150700.1.5.1
- (no CPE)range: < 1-150700.15.3.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.7.8.1
- (no CPE)range: < 6.4.0-150700.20.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.7.8.1
- (no CPE)range: < 6.4.0-150700.20.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.7.8.1
- (no CPE)range: < 6.4.0-150700.53.6.1
Linux/Linuxcpe-rescue
Range: 6.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000