In the Linux kernel, the following vulnerability has been resolved:
gve: Clear napi->skb before devkfreeskb_any()
gverxfreeskb incorrectly leaves napi->skb referencing an skb after it is freed with devkfreeskbany(). This can result in a subsequent call to napigetfrags returning a dangling pointer.
Fix this by clearing napi->skb before the skb is freed.