CVE-2025-21775
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
can: ctucanfd: handle skb allocation failure
If skb allocation fails, the pointer to struct can_frame is NULL. This is actually handled everywhere inside ctucan_err_interrupt() except for the only place.
Add the missed NULL check.
Found by Linux Verification Center (linuxtesting.org) with SVACE static analysis tool.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 2dcb8e8782d8e4c38903bf37b1a24d3ffd193da7 < 84b9ac59978a6a4e0812d1c938fad97306272cef | affected |
| Linux | Linux | 2dcb8e8782d8e4c38903bf37b1a24d3ffd193da7 < e505b83b9ee6aa0ae2f4395f573a66579ae403fb | affected |
| Linux | Linux | 2dcb8e8782d8e4c38903bf37b1a24d3ffd193da7 < b0e592dd46a0a952b41c3bf6c963afdd6a42b526 | affected |
| Linux | Linux | 2dcb8e8782d8e4c38903bf37b1a24d3ffd193da7 < e7e2e2318b1f085044126ba553a4e619842fc36d | affected |
| Linux | Linux | 2dcb8e8782d8e4c38903bf37b1a24d3ffd193da7 < 9bd24927e3eeb85642c7baa3b28be8bea6c2a078 | affected |
| Linux | Linux | 5.19 | affected |
| Linux | Linux | 0 < 5.19 | unaffected |
| Linux | Linux | 6.1.129 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.79 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.16 <= 6.12.* | unaffected |
| Linux | Linux | 6.13.4 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/84b9ac59978a6a4e0812d1c938fad97306272cef
- https://git.kernel.org/stable/c/e505b83b9ee6aa0ae2f4395f573a66579ae403fb
- https://git.kernel.org/stable/c/b0e592dd46a0a952b41c3bf6c963afdd6a42b526
- https://git.kernel.org/stable/c/e7e2e2318b1f085044126ba553a4e619842fc36d
- https://git.kernel.org/stable/c/9bd24927e3eeb85642c7baa3b28be8bea6c2a078
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.