CVE-2025-21783

Summary

In the Linux kernel, the following vulnerability has been resolved:

gpiolib: Fix crash on error in gpiochip_get_ngpios()

The gpiochip_get_ngpios() uses chip_() macros to print messages. However these macros rely on gpiodev to be initialised and set, which is not the case when called via bgpio_init(). In such a case the printing messages will crash on NULL pointer dereference. Replace chip_() macros by the respective dev_*() ones to avoid such crash.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux55b2395e4e92adc492c6b30ac109eb78250dcd9d < 4d9b2b62e1136d10f661ec4c0c268140b6f74f4faffected
LinuxLinux55b2395e4e92adc492c6b30ac109eb78250dcd9d < a7052afa9eae2239e25943baa8817a6a56e8aa68affected
LinuxLinux55b2395e4e92adc492c6b30ac109eb78250dcd9d < 189fb76215e479c10731baabb50f1a352d2078f5affected
LinuxLinux55b2395e4e92adc492c6b30ac109eb78250dcd9d < 7b4aebeecbbd5b5fe73e35fad3f62ed21aa7ef44affected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.79 <= 6.6.*unaffected
LinuxLinux6.12.16 <= 6.12.*unaffected
LinuxLinux6.13.4 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References