Memory Allocation Issue in Linux Kernel Affects CAN Frame Handling
CVE-2025-21775

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2025-21775?

A memory allocation issue has been identified in the Linux kernel that affects the handling of CAN frame structures. Specifically, if the socket buffer (skb) allocation fails, the pointer to the can_frame structure becomes NULL. Although most functions within ctucan_err_interrupt() properly handle this NULL pointer scenario, there exists a location where this check is omitted, potentially leading to undefined behavior. This vulnerability was discovered by the Linux Verification Center using the SVACE static analysis tool, emphasizing the need for consistent error handling in kernel code.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 2dcb8e8782d8e4c38903bf37b1a24d3ffd193da7 < 84b9ac59978a6a4e0812d1c938fad97306272cef

Linux 2dcb8e8782d8e4c38903bf37b1a24d3ffd193da7

References

https://git.kernel.org/stable/c/84b9ac59978a6a4e0812d1c93...

https://git.kernel.org/stable/c/e505b83b9ee6aa0ae2f4395f5...

https://git.kernel.org/stable/c/b0e592dd46a0a952b41c3bf6c...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024

JSON

Linux

What is CVE-2025-21775?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.