Linux Kernel Vulnerability Affecting PTP Driver Functionality
CVE-2025-21822

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

In the Linux kernel, a vulnerability exists within the PTP driver related to the handling of driver data during the vmclock_ptp_register() process. If the registration fails, the subsequent cleanup procedure, vmclock_remove(), attempts to access the driver state without proper initialization, as dev_get_drvdata() is called before the driver data is set. This flaw can lead to undefined behavior. To address the issue, the assignment of driver data should occur earlier in the code flow to ensure stability and reliability in clock management. For further technical details, refer to the kernel's official documentation and source code.

Affected Version(s)

Linux 20503272422693d793b84f88bf23fe4e955d3a33 < 6dbd8b91a065d1d8001446a28e72cd140f9acef0

Linux 20503272422693d793b84f88bf23fe4e955d3a33

Linux 6.13

References

https://git.kernel.org/stable/c/6dbd8b91a065d1d8001446a28...

https://git.kernel.org/stable/c/f7d07cd4f77d77f366c8ffbb8...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024