Vulnerability in Linux Kernel Affecting Rockchip CAN Bus Notifications
CVE-2025-21774

5.5 MEDIUM

Key Information:

Vendor

Linux

Status
Vendor
CVE Published: 27 February 2025

What is CVE-2025-21774?

A vulnerability exists in the Linux kernel's handling of Rockchip CAN bus notifications. The function rkcanfd_handle_rx_fifo_overflow_int() contains a flaw that may allow a NULL pointer dereference when socket buffer (skb) allocation fails: the function does not terminate on that error condition, which can lead to stability issues or unexpected behavior on systems using Rockchip drivers. The fix makes the function exit gracefully if the skb cannot be allocated.
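The allocation-failure path described above, as an added userspace model with fault injection (not the kernel driver's code). Every `model_` name and the `stats` counters are hypothetical, and counting the overflow before the allocation is an assumption of the model; the two `CAN_ERR_*` values are those defined in linux/can/error.h.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Values as defined in linux/can/error.h */
#define CAN_ERR_CRTL             0x00000004U
#define CAN_ERR_CRTL_RX_OVERFLOW 0x01

struct model_frame { uint32_t can_id; uint8_t data[8]; }; /* stand-in for struct can_frame */
struct model_stats { unsigned long rx_over_errors, delivered; };

struct model_stats stats; /* hypothetical counters for this model */

/* Stand-in for the error-skb allocator: on failure returns NULL and leaves *cf NULL.
 * alloc_fails is a fault-injection switch that simulates memory pressure. */
static void *model_alloc_err_skb(struct model_frame **cf, int alloc_fails)
{
    if (alloc_fails)
        return NULL;
    *cf = calloc(1, sizeof(**cf));
    return *cf;
}

/* Models one RX FIFO overflow event.
 * Returns data[1] of the delivered error frame, or -1 if none was delivered. */
int model_handle_rx_fifo_overflow(int alloc_fails)
{
    struct model_frame *cf = NULL;
    int reported;

    stats.rx_over_errors++;                 /* the overflow is counted either way */

    if (!model_alloc_err_skb(&cf, alloc_fails))
        return -1;                          /* bail out: cf is still NULL here */

    /* Without the bail-out above, these writes dereference a NULL cf. */
    cf->can_id |= CAN_ERR_CRTL;
    cf->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
    reported = cf->data[1];
    stats.delivered++;
    free(cf);
    return reported;
}

int main(void)
{
    printf("alloc fails: %d\n", model_handle_rx_fifo_overflow(1));
    printf("alloc ok:    %d\n", model_handle_rx_fifo_overflow(0));
    printf("overflows=%lu delivered=%lu\n", stats.rx_over_errors, stats.delivered);
    return 0;
}
```

Forcing the allocator to fail exercises an error path that rarely runs in normal operation, which is how a missing or wrong check of this kind goes unnoticed.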

Affected Version(s)

Linux ff60bfbaf67f219c634cfe89a52250efe8e600d0 < 118fb35681bd2c0d2afa22f7be0ef94bb4d06849

Linux ff60bfbaf67f219c634cfe89a52250efe8e600d0 < 946750e7865df2e70045071051abf768785dd570

Linux ff60bfbaf67f219c634cfe89a52250efe8e600d0

References

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
