CVE-2025-37874

May 9, 2025 invoker category_cve

Vulnerability Details

Basic Information

Title CVE-2025-37874
Type cve
Published 2025-05-09T07:16:08
Last Seen 2025-05-09T07:28:34
CVSS Score 0.0 ()

CVSS v3 Details

Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact

CVE Information

CVE IDs CVE-2025-37874
CWE
Bulletin Family cve

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ngbe: fix memory leak in ngbe_probe() error path

When ngbe_sw_init() is called, memory is allocated for wx->rss_key
in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent
error paths after ngbe_sw_init() don’t free the rss_key. Fix that by
freeing it in error path along with wx->mac_table.

Also change the label to which execution jumps when ngbe_sw_init()
fails, because otherwise, it could lead to a double free for rss_key,
when the mac_table allocation fails in wx_sw_init().

Impact Assessment

Base Score 0.0
Severity

View full CVE details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.