VYPR
Unrated severityNVD Advisory· Published May 20, 2025· Updated May 26, 2025

s390/pci: Fix missing check for zpci_create_device() error return

CVE-2025-37974

Description

In the Linux kernel, the following vulnerability has been resolved:

s390/pci: Fix missing check for zpci_create_device() error return

The zpci_create_device() function returns an error pointer that needs to be checked before dereferencing it as a struct zpci_dev pointer. Add the missing check in __clp_add() where it was missed when adding the scan_list in the fixed commit. Simply not adding the device to the scan list results in the previous behavior.

Affected products

81

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.