NULL Pointer Dereference Vulnerability in Linux Kernel Affecting CAN Drivers
CVE-2025-38665
What is CVE-2025-38665?
A vulnerability in the Linux kernel's CAN (Controller Area Network) drivers can lead to a NULL pointer dereference. The issue arises when a CAN device is restarted from the Bus Off state and the device driver does not implement the callback 'struct can_priv::do_set_mode'. It can be triggered by both manual and automated restarts of the device. The mitigation covers both paths: manual restarts via 'can_changelink()' must be handled safely, and so must configuring the delay for automatic restarts, so that neither reaches the NULL callback. The update prevents these events by returning an error when the callback is not set, which improves the overall stability and security of CAN driver operations.
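The guard described above, as an added userspace model in C (not the kernel patch and not code from this page). The reduced 'can_priv' layout, the 'model_*' and 'demo_set_mode' names, and the specific error codes are assumptions made for the illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

enum can_mode { CAN_MODE_STOP, CAN_MODE_START };

struct can_priv {                 /* reduced model, not the kernel layout */
    int restart_ms;               /* automatic restart delay, 0 = disabled */
    int bus_off;                  /* 1 while the device is in Bus Off */
    int (*do_set_mode)(struct can_priv *priv, enum can_mode mode);
};

/* Hypothetical driver callback for a driver that supports restart. */
static int demo_set_mode(struct can_priv *priv, enum can_mode mode)
{
    if (mode == CAN_MODE_START)
        priv->bus_off = 0;
    return 0;
}

/* Manual restart path: return an error instead of calling a NULL callback.
 * Error codes are assumptions of this model. */
int model_restart_now(struct can_priv *priv)
{
    if (!priv->do_set_mode)
        return -EOPNOTSUPP;
    if (!priv->bus_off)
        return -EBUSY;
    return priv->do_set_mode(priv, CAN_MODE_START);
}

/* Delay configuration path: a non-zero delay arms a later automatic restart
 * that would call do_set_mode, so it is refused while the callback is unset. */
int model_set_restart_ms(struct can_priv *priv, int ms)
{
    if (ms < 0)
        return -EINVAL;
    if (ms && !priv->do_set_mode)
        return -EOPNOTSUPP;
    priv->restart_ms = ms;
    return 0;
}

int main(void)
{
    struct can_priv no_cb = { .bus_off = 1 };   /* constructed sample devices */
    struct can_priv with_cb = { .bus_off = 1, .do_set_mode = demo_set_mode };
    printf("no callback:   restart=%d set_delay=%d\n",
           model_restart_now(&no_cb), model_set_restart_ms(&no_cb, 100));
    printf("with callback: restart=%d set_delay=%d\n",
           model_restart_now(&with_cb), model_set_restart_ms(&with_cb, 100));
    return 0;
}
```

Setting the delay to 0 stays allowed without the callback, because a disabled automatic restart never reaches 'do_set_mode'.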
Affected Version(s)
Linux 39549eef3587f1c1e8c65c88a2400d10fd30ea17 < 6bbcf37c5114926c99a1d1e6993a5b35689d2599
Linux 39549eef3587f1c1e8c65c88a2400d10fd30ea17
Linux 39549eef3587f1c1e8c65c88a2400d10fd30ea17 < 0ca816a96fdcf32644c80cbe7a82c7b6ce6ddda5