Linux Kernel Vulnerability in MPI3MR Driver Related to BSG Queue Management
CVE-2025-21723

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability within the MPI3MR driver of the Linux kernel can lead to a system crash due to improper handling of the BSG queue allocation. When the bsg_setup_queue() function fails, it incorrectly assigns a non-NULL value to the bsg_queue. This prevents the system from executing the necessary cleanup function (bsg_remove_queue()), which can result in a NULL pointer dereference during device removal, subsequently leading to a crash. Appropriate updates have been released to address this issue.

Affected Version(s)

Linux 4268fa7513655a83d5492705591fdac6c65db48a < 19b248069d1b1424982723a2bf3941ad864d5204

Linux 4268fa7513655a83d5492705591fdac6c65db48a < 832b8f95a2832321b8200ae478ed988b25faaef4

Linux 4268fa7513655a83d5492705591fdac6c65db48a < 295006f6e8c17212d3098811166e29627d19e05c

References

https://git.kernel.org/stable/c/19b248069d1b1424982723a2b...

https://git.kernel.org/stable/c/832b8f95a2832321b8200ae47...

https://git.kernel.org/stable/c/295006f6e8c17212d30988111...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024