Linux Kernel Vulnerability in PTP Callback Handling
CVE-2025-21814

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability exists in the Linux kernel related to the Precision Time Protocol (PTP) drivers, where the ioctl and sysfs handlers unconditionally invoke the ->enable callback. This can lead to NULL dereferences in scenarios where some drivers, such as ptp_s390.c, ptp_vclock.c, and ptp_mock.c, do not implement this callback properly. The solution involves implementing a dummy callback in the absence of a specified driver callback, ensuring more robust handling of driver operations.

Affected Version(s)

Linux d94ba80ebbea17f036cecb104398fbcd788aa742 < 5d1041c76de656f9f8d5a192218039a9acf9bd00

Linux d94ba80ebbea17f036cecb104398fbcd788aa742 < 81846070cba17125a866e8023c01d3465b153339

Linux d94ba80ebbea17f036cecb104398fbcd788aa742 < 8441aea46445252df5d2eed6deb6d5246fc24002

References

https://git.kernel.org/stable/c/5d1041c76de656f9f8d5a1922...

https://git.kernel.org/stable/c/81846070cba17125a866e8023...

https://git.kernel.org/stable/c/8441aea46445252df5d2eed6d...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024