CVE-2025-21723

MEDIUM · CVSS 3.1: 5.5 · EPSS 10.9%
Published Feb 27, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpi3mr: Fix possible crash when setting up bsg fails

If bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value. Consequently, in mpi3mr_bsg_exit(), the condition "if(!mrioc->bsg_queue)" will not be satisfied, preventing execution from entering bsg_remove_queue(), which could lead to the following crash:

    BUG: kernel NULL pointer dereference, address: 000000000000041c
    Call Trace:
    <TASK>
    mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]
    mpi3mr_remove+0x6f/0x340 [mpi3mr]
    pci_device_remove+0x3f/0xb0
    device_release_driver_internal+0x19d/0x220
    unbind_store+0xa4/0xb0
    kernfs_fop_write_iter+0x11f/0x200
    vfs_write+0x1fc/0x3e0
    ksys_write+0x67/0xe0
    do_syscall_64+0x38/0x80
    entry_SYSCALL_64_after_hwframe+0x78/0xe2
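The failure mode in the description, modelled in user-space C as an added example (not the mpi3mr driver's code and not the upstream patch): a setup routine that reports failure with an encoded error pointer, and a teardown guarded only by a NULL test. `struct ctrl`, `struct queue`, `setup_queue`, `init`, `teardown_null_guard` and `run` are hypothetical names; `err_ptr`/`is_err` imitate the kernel's ERR_PTR()/IS_ERR().

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* User-space stand-ins for the kernel's ERR_PTR()/IS_ERR(). */
#define MAX_ERRNO 4095
static void *err_ptr(long err) { return (void *)err; }
static int is_err(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct queue { int registered; };  /* hypothetical stand-in for the bsg queue */
struct ctrl { struct queue *q; };  /* hypothetical stand-in for driver state */
enum teardown { SKIPPED, REMOVED, BAD_POINTER_USED };
static struct queue the_queue;

/* Constructed setup routine: valid queue, or an encoded -12 (ENOMEM) on failure. */
static struct queue *setup_queue(int fail)
{
    if (fail) return err_ptr(-12);
    the_queue.registered = 1;
    return &the_queue;
}

/* reset_on_fail == 0 keeps the error pointer; 1 normalises failure to NULL. */
static void init(struct ctrl *c, int fail, int reset_on_fail)
{
    c->q = setup_queue(fail);
    if (reset_on_fail && is_err(c->q)) c->q = NULL;
}

/* Teardown guarded only by a NULL test, like the check quoted in the description.
 * The model reports the bad pointer instead of dereferencing it. */
static enum teardown teardown_null_guard(struct ctrl *c)
{
    if (!c->q) return SKIPPED;
    if (is_err(c->q)) return BAD_POINTER_USED;  /* NULL test let it through */
    c->q->registered = 0;
    c->q = NULL;
    return REMOVED;
}
static enum teardown run(int reset_on_fail, int fail)
{
    struct ctrl c = { NULL };
    init(&c, fail, reset_on_fail);
    return teardown_null_guard(&c);
}

int main(void)
{
    printf("keep+fail=%d reset+fail=%d ok=%d\n", run(0, 1), run(1, 1), run(0, 0));
    return 0;
}
```

An error pointer is non-NULL, so a field that can hold one needs either an IS_ERR-style test at every later use or a reset to NULL at the point of failure.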

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
10.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 2

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥5.19 – <6.12.13
linux    linux_kernel   *         ≥6.13 – <6.13.2

References 3

  • git.kernel.org https://git.kernel.org/stable/c/19b248069d1b1424982723a2bf3941ad864d5204
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/295006f6e8c17212d3098811166e29627d19e05c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/832b8f95a2832321b8200ae478ed988b25faaef4
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/19b248069d1b1424982723a2bf3941ad864d5204
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/295006f6e8c17212d3098811166e29627d19e05c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/832b8f95a2832321b8200ae478ed988b25faaef4
    Patch