Null Pointer Dereference in Linux Kernel Affecting Ice Networking Driver
CVE-2025-38664

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
22 August 2025

What is CVE-2025-38664?

A vulnerability exists in the Ice networking driver of the Linux kernel due to a potential null pointer dereference in the function ice_copy_and_init_pkg(). The issue arises from a missing check on the return value of devm_kmemdup(), which can result in undefined behavior or crashes. This flaw could compromise system stability or lead to other unintended consequences if exploited. It's crucial for users and system administrators to apply the relevant updates to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux c7648810961682b9388be2dd041df06915647445 < 35370d3b44efe194fd5ad55bac987e629597d782

Linux c7648810961682b9388be2dd041df06915647445 < 435462f8ab2b9c5340a5414ce02f70117d0cfede

Linux c7648810961682b9388be2dd041df06915647445 < 7c5a13c76dd37e9e4f8d48b87376a54f4399ce15

References

https://git.kernel.org/stable/c/35370d3b44efe194fd5ad55ba...
https://git.kernel.org/stable/c/435462f8ab2b9c5340a5414ce...
https://git.kernel.org/stable/c/7c5a13c76dd37e9e4f8d48b87...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.