| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025040147-CVE-2025-21975-6693@gregkh> Date: Tue, 1 Apr 2025 16:46:00 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() Description =========== In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns() and mlx5_get_flow_namespace() must be checked to prevent NULL pointer dereferences. If either function fails, the function should log error message with mlx5_core_warn() and return error pointer. The Linux kernel CVE team has assigned CVE-2025-21975 to this issue. Affected and fixed versions =========================== Issue introduced in 5.6 with commit 39ac237ce00968545e7298faa9e07ecb7e440fb5 and fixed in 6.1.132 with commit 1598307c914ba3d2642a2b03d1ff11efbdb7c6c2 Issue introduced in 5.6 with commit 39ac237ce00968545e7298faa9e07ecb7e440fb5 and fixed in 6.6.84 with commit 637105ef0d46fe5beac15aceb431da3ec832bb00 Issue introduced in 5.6 with commit 39ac237ce00968545e7298faa9e07ecb7e440fb5 and fixed in 6.12.20 with commit 1d34296409a519b4027750e3e82d9e19553a7398 Issue introduced in 5.6 with commit 39ac237ce00968545e7298faa9e07ecb7e440fb5 and fixed in 6.13.8 with commit 093b4aaec97ec048623e3fe1e516fc45a954d412 Issue introduced in 5.6 with commit 39ac237ce00968545e7298faa9e07ecb7e440fb5 and fixed in 6.14 with commit eab0396353be1c778eba1c0b5180176f04dd21ce Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-21975 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/ethernet/mellanox/mlx5/core/lib/fs_chains.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/1598307c914ba3d2642a2b03d1ff11efbdb7c6c2 https://git.kernel.org/stable/c/637105ef0d46fe5beac15aceb431da3ec832bb00 https://git.kernel.org/stable/c/1d34296409a519b4027750e3e82d9e19553a7398 https://git.kernel.org/stable/c/093b4aaec97ec048623e3fe1e516fc45a954d412 https://git.kernel.org/stable/c/eab0396353be1c778eba1c0b5180176f04dd21ce
Powered by blists - more mailing lists