CVE-2025-40053

Linux kernel - Null Pointer Dereference

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer dereference. This patch tries to allocate `skb`. If the allocation fails, it falls back to the normal path. Tested-on: D-Link DGE-550T Rev-A3

Scores

EPSS 0.0020
EPSS Percentile 10.3%

Details

Status published
Products (22)
linux/Kernel 2.6.12 - 5.10.246linux
linux/Kernel 5.11.0 - 5.15.195linux
linux/Kernel 5.16.0 - 6.1.156linux
linux/Kernel 6.13.0 - 6.17.3linux
linux/Kernel 6.2.0 - 6.6.112linux
linux/Kernel 6.7.0 - 6.12.53linux
Linux/Linux < 2.6.12
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 5aa9b885602811a026a3f45c92ea2b4b04c54f09
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 7ed5010fef0930f4322d620052edc854ef3ec41f
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 8169a6011c5fecc6cb1c3654c541c567d3318de8
... and 12 more
Published Oct 28, 2025
Tracked Since Feb 18, 2026