CVE-2025-40053
- Published: 1761653739
- Last modified: 1761747354
CVE-2025-40053 — In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer dereference. This patch tries to allocate `skb`. If the allocation fails, it falls back…
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No vendor taxonomy on this entry.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
In the Linux kernel, the following vulnerability has been resolved:
net: dlink: handle copy_thresh allocation failure
The driver did not handle failure of `netdev_alloc_skb_ip_align()`.
If the allocation failed, dereferencing `skb->protocol` could lead to
a NULL pointer dereference.
This patch tries to allocate `skb`. If the allocation fails, it falls
back to the normal path.
Tested-on: D-Link DGE-550T Rev-A3
🧠 Explainer: What this vulnerability means
Summary: This vulnerability affects the product by the vendor (CWE: unspecified).
Impact: It may allow privilege escalation, data exposure, or service interruption.
Mitigation: Prioritize patching and consider temporary workarounds documented by the vendor.
No vendor/product data yet.
No explicit mitigation/advisory links found in references.