CVE-2025-38274

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38274
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38274.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-38274
Downstream
Related
Published
2025-07-10T07:41:55.041Z
Modified
2025-11-20T09:43:25.169846Z
Summary
fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt()
Details

In the Linux kernel, the following vulnerability has been resolved:

fpga: fix potential null pointer deref in fpgamgrtestimgload_sgt()

fpgamgrtestimgloadsgt() allocates memory for sgt using kunitkzalloc() however it does not check if the allocation failed. It then passes sgt to sgalloctable(), which passes it to _sgalloc_table(). This function calls memset() on sgt in an attempt to zero it out. If the allocation fails then sgt will be NULL and the memset will trigger a NULL pointer dereference.

Fix this by checking the allocation with KUNITASSERTNOTERROR_NULL().

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ccbc1c302115d8125d6a96296ba52702c6de0ade
Fixed
e69e2cfd8b38d9463a250e153ef4963a604d61e9
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ccbc1c302115d8125d6a96296ba52702c6de0ade
Fixed
8b2230ac7ff0aeb2441132df638a82ab124f8624
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ccbc1c302115d8125d6a96296ba52702c6de0ade
Fixed
eb4c74eaa6e2d15f3bbd32941c9d2a25b29a718d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ccbc1c302115d8125d6a96296ba52702c6de0ade
Fixed
6ebf1982038af12f3588417e4fd0417d2551da28

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.5
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.79
v6.6.8
v6.6.80
v6.6.81
v6.6.82
v6.6.83
v6.6.84
v6.6.85
v6.6.86
v6.6.87
v6.6.88
v6.6.89
v6.6.9
v6.6.90
v6.6.91
v6.6.92
v6.6.93
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "18031495841490953384553454310408673340",
                "295011478531809656078033945991946336228",
                "327681738479117598357619717903877695309",
                "207864117830350977762897239450581477387"
            ]
        },
        "id": "CVE-2025-38274-4606f1bf",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ebf1982038af12f3588417e4fd0417d2551da28",
        "target": {
            "file": "drivers/fpga/tests/fpga-mgr-test.c"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "18031495841490953384553454310408673340",
                "295011478531809656078033945991946336228",
                "327681738479117598357619717903877695309",
                "207864117830350977762897239450581477387"
            ]
        },
        "id": "CVE-2025-38274-541cdd07",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e69e2cfd8b38d9463a250e153ef4963a604d61e9",
        "target": {
            "file": "drivers/fpga/tests/fpga-mgr-test.c"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1273.0,
            "function_hash": "35395324952240619276108249855916343123"
        },
        "id": "CVE-2025-38274-9683f180",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ebf1982038af12f3588417e4fd0417d2551da28",
        "target": {
            "file": "drivers/fpga/tests/fpga-mgr-test.c",
            "function": "fpga_mgr_test_img_load_sgt"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "18031495841490953384553454310408673340",
                "295011478531809656078033945991946336228",
                "327681738479117598357619717903877695309",
                "207864117830350977762897239450581477387"
            ]
        },
        "id": "CVE-2025-38274-98419ed8",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8b2230ac7ff0aeb2441132df638a82ab124f8624",
        "target": {
            "file": "drivers/fpga/tests/fpga-mgr-test.c"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1223.0,
            "function_hash": "72936890926280223364806926214808848811"
        },
        "id": "CVE-2025-38274-9d0ea05d",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e69e2cfd8b38d9463a250e153ef4963a604d61e9",
        "target": {
            "file": "drivers/fpga/tests/fpga-mgr-test.c",
            "function": "fpga_mgr_test_img_load_sgt"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1273.0,
            "function_hash": "35395324952240619276108249855916343123"
        },
        "id": "CVE-2025-38274-b6fda007",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8b2230ac7ff0aeb2441132df638a82ab124f8624",
        "target": {
            "file": "drivers/fpga/tests/fpga-mgr-test.c",
            "function": "fpga_mgr_test_img_load_sgt"
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.94
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.34
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.3