GHSA-q63g-px5v-r7jvMediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing...

Published
June 3, 2026
Last Modified
June 9, 2026

🔗 CVE IDs covered (1)

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

PCI: endpoint: Add missing NULL check for alloc_workqueue()

alloc_workqueue() can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queue_work() is later called with the NULL workqueue pointer in epf_ntb_epc_init().

Add a NULL check immediately after alloc_workqueue() and return -ENOMEM on failure to prevent the driver from loading with an invalid workqueue pointer.

🔗 References (4)