| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025040133-CVE-2025-21901-8898@gregkh> Date: Tue, 1 Apr 2025 16:25:37 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2025-21901: RDMA/bnxt_re: Add sanity checks on rdev validity Description =========== In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add sanity checks on rdev validity There is a possibility that ulp_irq_stop and ulp_irq_start callbacks will be called when the device is in detached state. This can cause a crash due to NULL pointer dereference as the rdev is already freed. The Linux kernel CVE team has assigned CVE-2025-21901 to this issue. Affected and fixed versions =========================== Issue introduced in 6.12 with commit cc5b9b48d44756a87170f3901c6c2fd99e6b89b2 and fixed in 6.12.18 with commit aed1bc673907e3df372b317c10ff2f3582f8bf1a Issue introduced in 6.12 with commit cc5b9b48d44756a87170f3901c6c2fd99e6b89b2 and fixed in 6.13.6 with commit 8cb0eef46d70a99c88c26a1addb7fd955242e0e6 Issue introduced in 6.12 with commit cc5b9b48d44756a87170f3901c6c2fd99e6b89b2 and fixed in 6.14 with commit f0df225d12fcb049429fb5bf5122afe143c2dd15 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-21901 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/infiniband/hw/bnxt_re/main.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/aed1bc673907e3df372b317c10ff2f3582f8bf1a https://git.kernel.org/stable/c/8cb0eef46d70a99c88c26a1addb7fd955242e0e6 https://git.kernel.org/stable/c/f0df225d12fcb049429fb5bf5122afe143c2dd15
Powered by blists - more mailing lists