CVE-2025-21975 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns() and mlx5_get_flow_namespace() must be checked to prevent NULL pointer dereferences. If either function fails, the function should log error message with mlx5_core_warn() and return error pointer.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/093b4aaec97ec048623e3fe1e516fc45a954d412
https://git.kernel.org/stable/c/1598307c914ba3d2642a2b03d1ff11efbdb7c6c2
https://git.kernel.org/stable/c/15bdd93728369b2c8942a8e5d549d4b5dc04a2d9
https://git.kernel.org/stable/c/1d34296409a519b4027750e3e82d9e19553a7398
https://git.kernel.org/stable/c/29c419c64e9b396baeda1d8713d2aa3ba7c0acf6
https://git.kernel.org/stable/c/637105ef0d46fe5beac15aceb431da3ec832bb00
https://git.kernel.org/stable/c/eab0396353be1c778eba1c0b5180176f04dd21ce
https://lore.kernel.org/linux-cve-announce/2025040147-CVE-2025-21975-6693@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-21975
https://www.cve.org/CVERecord?id=CVE-2025-21975

History

Fri, 23 May 2025 06:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476

Thu, 10 Apr 2025 13:15:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/15bdd93728369b2c8942a8e5d549d4b5dc04a2d9 https://git.kernel.org/stable/c/29c419c64e9b396baeda1d8713d2aa3ba7c0acf6

Wed, 02 Apr 2025 14:00:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025040147-CVE-2025-21975-6693@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-21975 https://www.cve.org/CVERecord?id=CVE-2025-21975
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Tue, 01 Apr 2025 16:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns() and mlx5_get_flow_namespace() must be checked to prevent NULL pointer dereferences. If either function fails, the function should log error message with mlx5_core_warn() and return error pointer.
Title		net/mlx5: handle errors in mlx5_chains_create_table()
References		https://git.kernel.org/stable/c/093b4aaec97ec048623e3fe1e516fc45a954d412 https://git.kernel.org/stable/c/1598307c914ba3d2642a2b03d1ff11efbdb7c6c2 https://git.kernel.org/stable/c/1d34296409a519b4027750e3e82d9e19553a7398 https://git.kernel.org/stable/c/637105ef0d46fe5beac15aceb431da3ec832bb00 https://git.kernel.org/stable/c/eab0396353be1c778eba1c0b5180176f04dd21ce

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-04-01T15:47:06.590Z

Updated: 2025-05-04T07:26:18.960Z

Reserved: 2024-12-29T08:45:45.797Z

Link: CVE-2025-21975

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-04-01T16:15:28.853

Modified: 2025-04-10T13:15:48.573

Link: CVE-2025-21975

Redhat

Severity : Moderate

Publid Date: 2025-04-01T00:00:00Z

Links: CVE-2025-21975 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object