Out-of-Bounds Exception in Linux Kernel Affecting imx8mp_blk_ctrl Module
CVE-2025-21668

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 31 January 2025

Summary

A vulnerability exists in the imx8mp_blk_ctrl component of the Linux kernel, where a missing loop break condition in the imx8mp_blk_ctrl_remove() function can lead to an out-of-bounds exception. This flaw may cause the system to behave unexpectedly, potentially compromising the stability and security of the affected device. The issue arises when the removal process does not exit correctly, which could be exploited in a scenario where device shutdown is improperly managed. Users are encouraged to update to patched versions of the kernel to mitigate any risks associated with this defect.

Affected Version(s)

Linux 556f5cf9568af772d494cff24ffaa7ea41e1ab40 < 699cc10cc3068f9097a506eae7fe178c860dca4e

Linux 556f5cf9568af772d494cff24ffaa7ea41e1ab40 < 926ad31b76b8e229b412536e77cdf828a5cae9c6

Linux 556f5cf9568af772d494cff24ffaa7ea41e1ab40 < 488a68c948bc52dc2a4554a56fdd99aa67c49b06

References

https://git.kernel.org/stable/c/699cc10cc3068f9097a506eae...

https://git.kernel.org/stable/c/926ad31b76b8e229b412536e7...

https://git.kernel.org/stable/c/488a68c948bc52dc2a4554a56...

Timeline

Vulnerability published
Jan 31, 2025
Vulnerability Reserved
Dec 29, 2024