CVE-2025-21904
caif_virtio: fix wrong pointer check in cfv_probe()
In the Linux kernel, the following vulnerability has been resolved:
caif_virtio: fix wrong pointer check in cfv_probe()
del_vqs() frees virtqueues, therefore cfv->vq_tx pointer should be checked
for NULL before calling it, not cfv->vdev. Also the current implementation
is redundant because the pointer cfv->vdev is dereferenced before it is
checked for NULL.
Fix this by checking cfv->vq_tx for NULL instead of cfv->vdev before
calling del_vqs().
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/29e0cd296c87240278e2f7ea4cf3f496b60c03afhttps://git.kernel.org/stable/c/56cddf71cce3b15b078e937fadab29962b6f6643https://git.kernel.org/stable/c/597c27e5f04cb50e56cc9aeda75d3e42b6b89c3ehttps://git.kernel.org/stable/c/7b5fe58959822e6cfa884327cabba6be3b01883dhttps://git.kernel.org/stable/c/8e4e08ca4cc634b337bb74bc9a70758fdeda0bcbhttps://git.kernel.org/stable/c/90d302619ee7ce5ed0c69c29c290bdccfde66418https://git.kernel.org/stable/c/990fff6980d0c1693d60a812f58dbf93eab0473fhttps://git.kernel.org/stable/c/a466fd7e9fafd975949e5945e2f70c33a94b1a70https://lists.debian.org/debian-lts-announce/2025/05/msg00030.htmlhttps://lists.debian.org/debian-lts-announce/2025/05/msg00045.html