CVE-2025-38526
- Source
- https://cve.org/CVERecord?id=CVE-2025-38526
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38526.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38526
- Downstream
- Related
- Published
- 2025-08-16T11:12:20.036Z
- Modified
- 2026-03-23T05:09:31.769933811Z
- Summary
- ice: add NULL check in eswitch lag check
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ice: add NULL check in eswitch lag check
The function icelagisswitchdevrunning() is being called from outside of the LAG event handler code. This results in the lag->upper_netdev being NULL sometimes. To avoid a NULL-pointer dereference, there needs to be a check before it is dereferenced.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38526.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/245917d3c5ed7c6ae720302b64eac5c6f0c85177
- https://git.kernel.org/stable/c/27591d926191e42b2332e4bad3bcd3a49def393b
- https://git.kernel.org/stable/c/3ce58b01ada408b372f15b7c992ed0519840e3cf
- https://git.kernel.org/stable/c/5a5d64f0eec82076b2c09fee2195d640cfbe3379
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38526.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38526
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced776fe19953b0e0af00399e50fb3b205101d4b3c1Fixed27591d926191e42b2332e4bad3bcd3a49def393bFixed5a5d64f0eec82076b2c09fee2195d640cfbe3379Fixed245917d3c5ed7c6ae720302b64eac5c6f0c85177Fixed3ce58b01ada408b372f15b7c992ed0519840e3cf
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.15.3
v6.15.4
v6.15.5
v6.15.6
v6.15.7
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.6
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.79
v6.6.8
v6.6.80
v6.6.81
v6.6.82
v6.6.83
v6.6.84
v6.6.85
v6.6.86
v6.6.87
v6.6.88
v6.6.89
v6.6.9
v6.6.90
v6.6.91
v6.6.92
v6.6.93
v6.6.94
v6.6.95
v6.6.96
v6.6.97
v6.6.98
v6.6.99
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38526.json"
vanir_signatures
[
{
"signature_version": "v1",
"digest": {
"line_hashes": [
"284146024819732054530645241914204307039",
"291535131304140425461580048578845241186",
"313188031775400023883736808010531079153",
"315445648201453231175158084965971923697"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3ce58b01ada408b372f15b7c992ed0519840e3cf",
"id": "CVE-2025-38526-28a1347e",
"target": {
"file": "drivers/net/ethernet/intel/ice/ice_lag.c"
},
"signature_type": "Line",
"deprecated": false
},
{
"signature_version": "v1",
"id": "CVE-2025-38526-833591ec",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3ce58b01ada408b372f15b7c992ed0519840e3cf",
"signature_type": "Function",
"target": {
"file": "drivers/net/ethernet/intel/ice/ice_lag.c",
"function": "ice_lag_is_switchdev_running"
},
"deprecated": false,
"digest": {
"function_hash": "45361433868362237677315083961513913453",
"length": 447.0
}
}
]