CVE-2025-21773

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: fix potential NULL pointer dereference on udev->serial The driver assumed that es58x_dev->udev->serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device identity providing a NULL USB serial number. That would trigger a NULL pointer dereference. Add a check on es58x_dev->udev->serial before accessing it.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1590667a60753ee5a54871f2840ceefd4a7831fa	Patch
https://git.kernel.org/stable/c/5059ea98d7bc133903d3e47ab36df6ed11d0c95f	Patch
https://git.kernel.org/stable/c/722e8e1219c8b6ac2865011fe339315d6a8d0721	Patch
https://git.kernel.org/stable/c/a1ad2109ce41c9e3912dadd07ad8a9c640064ffb	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc2::::::

History

No history.

Information

Published : 2025-02-27 03:15

Updated : 2025-10-01 20:18

NVD link : CVE-2025-21773

Mitre link : CVE-2025-21773

CVE.ORG link : CVE-2025-21773

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2025-21773", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-02-27T03:15:17.970", "references": [{"url": "https://git.kernel.org/stable/c/1590667a60753ee5a54871f2840ceefd4a7831fa", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5059ea98d7bc133903d3e47ab36df6ed11d0c95f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/722e8e1219c8b6ac2865011fe339315d6a8d0721", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a1ad2109ce41c9e3912dadd07ad8a9c640064ffb", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev->serial\n\nThe driver assumed that es58x_dev->udev->serial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev->udev->serial before accessing it."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: etas_es58x: corrige una posible desreferencia de puntero NULL en udev->serial El controlador asumi\u00f3 que es58x_dev->udev->serial nunca podr\u00eda ser NULL. Si bien esto es cierto en dispositivos disponibles comercialmente, un atacante podr\u00eda falsificar la identidad del dispositivo proporcionando un n\u00famero de serie USB NULL. Eso activar\u00eda una desreferencia de puntero NULL. Agregue una verificaci\u00f3n en es58x_dev->udev->serial antes de acceder a \u00e9l."}], "lastModified": "2025-10-01T20:18:23.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B16AADE5-B2FD-4C14-B4E4-85E8EDAFE775", "versionEndExcluding": "6.6.79", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13C8DB18-FC60-425F-84E5-3EDDEC61B2FC", "versionEndExcluding": "6.12.16", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A2093ED-74A9-43F9-AC72-50030F374EA4", "versionEndExcluding": "6.13.4", "versionStartIncluding": "6.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}