CVE-2025-37820

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()<br /> <br /> The function xdp_convert_buff_to_frame() may return NULL if it fails<br /> to correctly convert the XDP buffer into an XDP frame due to memory<br /> constraints, internal errors, or invalid data. Failing to check for NULL<br /> may lead to a NULL pointer dereference if the result is used later in<br /> processing, potentially causing crashes, data corruption, or undefined<br /> behavior.<br /> <br /> On XDP redirect failure, the associated page must be released explicitly<br /> if it was previously retained via get_page(). Failing to do so may result<br /> in a memory leak, as the pages reference count is not decremented.