{"id":"CVE-2025-22054","summary":"arcnet: Add NULL check in com20020pci_probe()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\narcnet: Add NULL check in com20020pci_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ncom20020pci_probe() does not check for this case, which results in a\nNULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensure\nno resources are left allocated.","modified":"2026-04-16T00:09:21.094827124Z","published":"2025-04-16T14:12:11.849Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22054.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/661cf5d102949898c931e81fd4e1c773afcdeafa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/887226163504494ea7e58033a97c2d2ab12e05d4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/905a34dc1ad9a53a8aaaf8a759ea5dbaaa30418d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a654f31b33515d39bb56c75fd8b26bef025ced7e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/be8a0decd0b59a52a07276f9ef3b33ef820b2179"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ebebeb58d48e25525fa654f2c53a24713fe141c3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ececf8eff6c25acc239fa8f0fd837c76bc770547"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ef8b29398ea6061ac8257f3e45c9be45cc004ce2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fda8c491db2a90ff3e6fbbae58e495b4ddddeca3"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22054.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22054"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e38cd53421ed4e37fc99662a0f2a0c567993844f"},{"fixed":"661cf5d102949898c931e81fd4e1c773afcdeafa"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d54f5a5bc85afd01b0a00689b795e31db54adc15"},{"fixed":"905a34dc1ad9a53a8aaaf8a759ea5dbaaa30418d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"75c53a4c43295fb8b09edae45239790db9cc69c3"},{"fixed":"ef8b29398ea6061ac8257f3e45c9be45cc004ce2"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8d034da82563a526dbd7e9069bb3f6946403b72c"},{"fixed":"be8a0decd0b59a52a07276f9ef3b33ef820b2179"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5106d7adb74bc6160806b45ffd2321b10ca14ee0"},{"fixed":"ececf8eff6c25acc239fa8f0fd837c76bc770547"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6b17a597fc2f13aaaa0a2780eb7edb9ae7ac9aea"},{"fixed":"ebebeb58d48e25525fa654f2c53a24713fe141c3"},{"fixed":"a654f31b33515d39bb56c75fd8b26bef025ced7e"},{"fixed":"887226163504494ea7e58033a97c2d2ab12e05d4"},{"fixed":"fda8c491db2a90ff3e6fbbae58e495b4ddddeca3"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"2e4ad90b15a7341c2d96d2dc6df6d135d72256b6"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22054.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}