CVE-2025-21848

Summary

In the Linux kernel, the following vulnerability has been resolved:

nfp: bpf: Add check for nfp_app_ctrl_msg_alloc()

Add check for the return value of nfp_app_ctrl_msg_alloc() in nfp_bpf_cmsg_alloc() to prevent null pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < d64c6ca420019712e194fe095b55f87363e22a9aaffected
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < e976ea6c5e1b005c64467cbf94a8577aae9c7d81affected
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < 924b239f9704566e0d86abd894d2d64bd73c11ebaffected
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < 1358d8e07afdf21d49ca6f00c56048442977e00aaffected
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < 29ccb1e4040da6ff02b7e64efaa2f8e6bf06020daffected
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < 897c32cd763fd11d0b6ed024c52f44d2475bb820affected
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < bd97f60750bb581f07051f98e31dfda59d3a783baffected
LinuxLinuxff3d43f7568c82b335d7df2d40a31447c3fce10c < 878e7b11736e062514e58f3b445ff343e6705537affected
LinuxLinux4.16affected
LinuxLinux0 < 4.16unaffected
LinuxLinux5.4.291 <= 5.4.*unaffected
LinuxLinux5.10.235 <= 5.10.*unaffected
LinuxLinux5.15.179 <= 5.15.*unaffected
LinuxLinux6.1.130 <= 6.1.*unaffected
LinuxLinux6.6.80 <= 6.6.*unaffected
LinuxLinux6.12.17 <= 6.12.*unaffected
LinuxLinux6.13.5 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References