Vulnerability in Linux Kernel Affecting Rockchip CAN Bus Notifications
CVE-2025-21774
Summary
A vulnerability exists in the Linux kernel's handling of Rockchip CAN bus notifications. The function rkcanfd_handle_rx_fifo_overflow_int() can dereference a null pointer when socket buffer (skb) allocation fails, because it does not terminate on that error path. On systems using Rockchip drivers this can lead to stability issues or unexpected behavior. The fix makes the function exit gracefully when the skb cannot be allocated.
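The allocate-then-check pattern described in the summary, as an added user-space C model (not the kernel driver's source and not part of the advisory). The structs, function names, constants and the fault-injection flag are hypothetical; only the shape of the error path comes from the summary.

```c
/* Simplified user-space model of the error path; not the kernel driver source. */
#include <stdio.h>
#include <stdlib.h>

#define ERR_CLASS_CONTROLLER 0x4u   /* constructed values for this model */
#define ERR_RX_OVERFLOW      0x1u

struct err_frame { unsigned int id; unsigned char data[8]; };  /* stand-in for the skb payload */
struct dev_stats { unsigned long rx_over_errors, err_frames_queued; };

static int alloc_should_fail;       /* fault injection: simulate memory pressure */

static struct err_frame *alloc_err_frame(void)
{
    return alloc_should_fail ? NULL : calloc(1, sizeof(struct err_frame));
}

/* Fills in the error frame and hands it off (modelled as a counter plus free). */
static void queue_overflow_frame(struct err_frame *f, struct dev_stats *st)
{
    f->id |= ERR_CLASS_CONTROLLER;  /* dereferences f: crashes if f is NULL */
    f->data[1] = ERR_RX_OVERFLOW;
    st->err_frames_queued++;
    free(f);
}

/* "Before" shape: the allocation result is used without stopping on failure. */
int handle_overflow_unchecked(struct dev_stats *st)
{
    struct err_frame *f = alloc_err_frame();

    st->rx_over_errors++;
    queue_overflow_frame(f, st);    /* NULL dereference when allocation failed */
    return 0;
}

/* "After" shape: still count the overflow, but return if no frame was allocated. */
int handle_overflow_checked(struct dev_stats *st)
{
    struct err_frame *f = alloc_err_frame();

    st->rx_over_errors++;
    if (!f)
        return 0;                   /* exit gracefully; nothing to fill in or queue */
    queue_overflow_frame(f, st);
    return 0;
}

int main(void)
{
    struct dev_stats st = {0, 0};

    alloc_should_fail = 1;          /* only the checked handler is safe to call here */
    handle_overflow_checked(&st);
    printf("overflows=%lu queued=%lu\n", st.rx_over_errors, st.err_frames_queued);
    return 0;
}
```

Building the unchecked variant with -fsanitize=address,undefined and calling it with alloc_should_fail set reports the null dereference at the first write to the frame, which is a quick way to confirm that a failing allocation is what triggers this class of bug.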
Affected Version(s)
Linux ff60bfbaf67f219c634cfe89a52250efe8e600d0 < 118fb35681bd2c0d2afa22f7be0ef94bb4d06849
Linux ff60bfbaf67f219c634cfe89a52250efe8e600d0 < 946750e7865df2e70045071051abf768785dd570
Linux ff60bfbaf67f219c634cfe89a52250efe8e600d0