Kernel Vulnerability in Linux Affecting mlx5 Network Drivers
CVE-2025-21720

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

What is CVE-2025-21720?

A vulnerability in the Linux kernel, specifically within the packet offload mode of xfrm handling, allows for improper secpath management during IP packet forwarding. When IP forwarding is enabled, packets that have already been processed can be incorrectly reintroduced into the driver TX path, leading to a kernel panic. This occurs when a NULL pointer dereference error is triggered, as evidenced by the failure logs from the mlx5 network driver, which indicate a severe system fault, disrupting normal operations and potentially impacting system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 5958372ddf628fe6f4c3e49425734ad32fcfb13c

Linux 5958372ddf628fe6f4c3e49425734ad32fcfb13c < 6945701ca1572f81bc9bb46f624b02eabb3eaf3e

Linux 5958372ddf628fe6f4c3e49425734ad32fcfb13c < 981ad4c882096e7375b8c2181dd4c3ee58ea5bae

References

https://git.kernel.org/stable/c/c6e1b2cac24b2a4d1dd472071...
https://git.kernel.org/stable/c/6945701ca1572f81bc9bb46f6...
https://git.kernel.org/stable/c/981ad4c882096e7375b8c2181...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.