Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.4, < 5.4.297 |
| Debian | Debian Linux | 11.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/0fde7dccbf4c8a6d7940ecaf4c3d80a12f405dd7Patch
- https://git.kernel.org/stable/c/1c30093d58cd3d02d8358e2b1f4a06a0aae0bf5bPatch
- https://git.kernel.org/stable/c/3028f2a4e746b499043bbb8ab816f975473a0535Patch
- https://git.kernel.org/stable/c/35370d3b44efe194fd5ad55bac987e629597d782Patch
- https://git.kernel.org/stable/c/435462f8ab2b9c5340a5414ce02f70117d0cfedePatch
- https://git.kernel.org/stable/c/4ff12d82dac119b4b99b5a78b5af3bf2474c0a36Patch
- https://git.kernel.org/stable/c/6d640a8ea62435a7f6f89869bee4fa99423d07caPatch
- https://git.kernel.org/stable/c/7c5a13c76dd37e9e4f8d48b87376a54f4399ce15Patch
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlThird Party Advisory
FAQ
What is CVE-2025-38664?
CVE-2025-38664 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potenti...
How severe is CVE-2025-38664?
CVE-2025-38664 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-38664?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.