Linux Kernel Memory Management Vulnerability Affecting System Stability
CVE-2025-21833

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 March 2025

Summary

A vulnerability has been identified in the Linux kernel that involves improper handling of a NULL pointer in the iommu/vt-d subsystem. Specifically, when the domain_remove_dev_pasid function cannot locate the pasid, the system had the potential to execute operations on a NULL pointer, which could lead to unpredictable behavior or system crashes. It is crucial to apply the necessary patches to maintain system stability and security.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 60f030f7418d3f1d94f2fb207fe3080e1844630b

Linux 6.13.3 <= 6.13.*

References

https://git.kernel.org/stable/c/df96876be3b064aefc493f760...

https://git.kernel.org/stable/c/60f030f7418d3f1d94f2fb207...

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Dec 29, 2024