In the Linux kernel, the following vulnerability has been resolved:
gve: Clear napi->skb before devkfreeskb_any()
gverxfreeskb incorrectly leaves napi->skb referencing an skb after it is freed with devkfreeskbany(). This can result in a subsequent call to napigetfrags returning a dangling pointer.
Fix this by clearing napi->skb before the skb is freed.
[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d221284991118c0ab16480b53baecd857c0bc442",
        "target": {
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-0d6bfca5",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "269343403139180298661246948933100214781",
                "229136804331238714462584699938427375470",
                "247408440977668388300930634701993400878",
                "161402785725061084506051821305656858101",
                "183781552580562878150122970447340047041",
                "145777664061586620193072756528783354948",
                "1486175580477401494458696800658630332",
                "132613561430253045001660151469012766568",
                "11952731296961138285146559717067312510",
                "326556253011069526863484222062078456272",
                "137048929891427525181065222532171014574",
                "205287224226960772891710576449021232860",
                "187714057005490194714769010212935954885",
                "208824580949117808342957121449210926709",
                "302659665710034237197379761288672421"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ce5341c36993b776012601921d7688693f8c037",
        "target": {
            "function": "gve_rx_poll_dqo",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-1640de4e",
        "signature_type": "Function",
        "digest": {
            "length": 1610.0,
            "function_hash": "82878516593828514400257533570808242517"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d221284991118c0ab16480b53baecd857c0bc442",
        "target": {
            "function": "gve_rx_poll_dqo",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-32447945",
        "signature_type": "Function",
        "digest": {
            "length": 1610.0,
            "function_hash": "82878516593828514400257533570808242517"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6f4d93b78ade0a4c2cafd587f7b429ce95abb02e",
        "target": {
            "function": "gve_rx_poll_dqo",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-3675696b",
        "signature_type": "Function",
        "digest": {
            "length": 1624.0,
            "function_hash": "121942708437104573136840921990801194873"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6f4d93b78ade0a4c2cafd587f7b429ce95abb02e",
        "target": {
            "function": "gve_rx_free_skb",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-58b5d42f",
        "signature_type": "Function",
        "digest": {
            "length": 190.0,
            "function_hash": "169123962653177891938402760902748087923"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a68184d5b420ea4fc7e6b7ceb52bbc66f90d3c50",
        "target": {
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-6314d928",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "269343403139180298661246948933100214781",
                "229136804331238714462584699938427375470",
                "247408440977668388300930634701993400878",
                "161402785725061084506051821305656858101",
                "183781552580562878150122970447340047041",
                "145777664061586620193072756528783354948",
                "1486175580477401494458696800658630332",
                "37632281197543225675308162596823113810",
                "273984705949310374276403170627595665976",
                "326556253011069526863484222062078456272",
                "137048929891427525181065222532171014574",
                "205287224226960772891710576449021232860",
                "187714057005490194714769010212935954885",
                "208824580949117808342957121449210926709",
                "302659665710034237197379761288672421"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ce5341c36993b776012601921d7688693f8c037",
        "target": {
            "function": "gve_rx_free_skb",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-640e7000",
        "signature_type": "Function",
        "digest": {
            "length": 190.0,
            "function_hash": "169123962653177891938402760902748087923"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a68184d5b420ea4fc7e6b7ceb52bbc66f90d3c50",
        "target": {
            "function": "gve_rx_poll_dqo",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-795487c1",
        "signature_type": "Function",
        "digest": {
            "length": 1624.0,
            "function_hash": "121942708437104573136840921990801194873"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ce5341c36993b776012601921d7688693f8c037",
        "target": {
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-8a1a4d57",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "269343403139180298661246948933100214781",
                "229136804331238714462584699938427375470",
                "247408440977668388300930634701993400878",
                "161402785725061084506051821305656858101",
                "183781552580562878150122970447340047041",
                "145777664061586620193072756528783354948",
                "1486175580477401494458696800658630332",
                "132613561430253045001660151469012766568",
                "11952731296961138285146559717067312510",
                "326556253011069526863484222062078456272",
                "137048929891427525181065222532171014574",
                "205287224226960772891710576449021232860",
                "187714057005490194714769010212935954885",
                "208824580949117808342957121449210926709",
                "302659665710034237197379761288672421"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75afd8724739ee5ed8165acde5f6ac3988b485cc",
        "target": {
            "function": "gve_rx_poll_dqo",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-8a83f4b5",
        "signature_type": "Function",
        "digest": {
            "length": 1610.0,
            "function_hash": "82878516593828514400257533570808242517"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d221284991118c0ab16480b53baecd857c0bc442",
        "target": {
            "function": "gve_rx_free_skb",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-8aef9dc2",
        "signature_type": "Function",
        "digest": {
            "length": 190.0,
            "function_hash": "169123962653177891938402760902748087923"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a68184d5b420ea4fc7e6b7ceb52bbc66f90d3c50",
        "target": {
            "function": "gve_rx_free_skb",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-ab0ce073",
        "signature_type": "Function",
        "digest": {
            "length": 190.0,
            "function_hash": "169123962653177891938402760902748087923"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6f4d93b78ade0a4c2cafd587f7b429ce95abb02e",
        "target": {
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-cbc021ae",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "269343403139180298661246948933100214781",
                "229136804331238714462584699938427375470",
                "247408440977668388300930634701993400878",
                "161402785725061084506051821305656858101",
                "183781552580562878150122970447340047041",
                "145777664061586620193072756528783354948",
                "1486175580477401494458696800658630332",
                "37632281197543225675308162596823113810",
                "273984705949310374276403170627595665976",
                "326556253011069526863484222062078456272",
                "137048929891427525181065222532171014574",
                "205287224226960772891710576449021232860",
                "187714057005490194714769010212935954885",
                "208824580949117808342957121449210926709",
                "302659665710034237197379761288672421"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75afd8724739ee5ed8165acde5f6ac3988b485cc",
        "target": {
            "function": "gve_rx_free_skb",
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-cd7a95b9",
        "signature_type": "Function",
        "digest": {
            "length": 190.0,
            "function_hash": "169123962653177891938402760902748087923"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75afd8724739ee5ed8165acde5f6ac3988b485cc",
        "target": {
            "file": "drivers/net/ethernet/google/gve/gve_rx_dqo.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2024-40937-e307ff71",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "269343403139180298661246948933100214781",
                "229136804331238714462584699938427375470",
                "247408440977668388300930634701993400878",
                "161402785725061084506051821305656858101",
                "183781552580562878150122970447340047041",
                "145777664061586620193072756528783354948",
                "1486175580477401494458696800658630332",
                "132613561430253045001660151469012766568",
                "11952731296961138285146559717067312510",
                "326556253011069526863484222062078456272",
                "137048929891427525181065222532171014574",
                "205287224226960772891710576449021232860",
                "187714057005490194714769010212935954885",
                "208824580949117808342957121449210926709",
                "302659665710034237197379761288672421"
            ]
        }
    }
]