Unrated severityNVD Advisory· Published Apr 1, 2025· Updated Oct 1, 2025

RDMA/bnxt_re: Add sanity checks on rdev validity

CVE-2025-21901

Description

In the Linux kernel, the following vulnerability has been resolved:

There is a possibility that ulp_irq_stop and ulp_irq_start callbacks will be called when the device is in detached state. This can cause a crash due to NULL pointer dereference as the rdev is already freed.

Affected products

Linux/Linux Kernel Rtllm-fuzzy
osv-coords21 versions
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
< 6.4.0-150700.53.6.1+ 20 more
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.20.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1.150700.17.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 1-150700.1.5.1
- (no CPE)range: < 1-150700.15.3.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.7.8.1
- (no CPE)range: < 6.4.0-150700.20.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.7.8.1
- (no CPE)range: < 6.4.0-150700.20.6.1
- (no CPE)range: < 6.4.0-150700.53.6.1
- (no CPE)range: < 6.4.0-150700.7.8.1
- (no CPE)range: < 6.4.0-150700.53.6.1
Linux/Linuxcpe-rescue
Range: 6.12

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000