๐Ÿ” CVE Alert

CVE-2025-21719

UNKNOWN 0.0

ipmr: do not call mr_mfc_uses_dev() for unres entries

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling mr_mfc_uses_dev() for unres entries would crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif alias to "struct sk_buff_head unresolved", which contain two pointers. This code never worked, lets remove it. [1] Unable to handle kernel paging request at virtual address ffff5fff2d536613 KASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f] Modules linked in: CPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline] lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334 Call trace: mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P) mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P) mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382 ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648 rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327 rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791 netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317 netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973 sock_recvmsg_nosec net/socket.c:1033 [inline] sock_recvmsg net/socket.c:1055 [inline] sock_read_iter+0x2d8/0x40c net/socket.c:1125 new_sync_read fs/read_write.c:484 [inline] vfs_read+0x740/0x970 fs/read_write.c:565 ksys_read+0x15c/0x26c fs/read_write.c:708

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Feb 27, 2025
Last Updated May 12, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
cb167893f41e21e6bd283d78e53489289dc0592d < 71a0fcb68c0a5f3ec912b540cd5d72148e6ee5f1 cb167893f41e21e6bd283d78e53489289dc0592d < 53df27fd38f84bd3cd6b004eb4ff3c4903114f1d cb167893f41e21e6bd283d78e53489289dc0592d < 547ef7e8cbb98f966c8719a3e15d4e078aaa9b47 cb167893f41e21e6bd283d78e53489289dc0592d < 57177c5f47a8da852f8d76cf6945cf803f8bb9e5 cb167893f41e21e6bd283d78e53489289dc0592d < b379b3162ff55a70464c6a934ae9bf0497478a62 cb167893f41e21e6bd283d78e53489289dc0592d < a099834a51ccf9bbba3de86a251b3433539abfde cb167893f41e21e6bd283d78e53489289dc0592d < 26bb7d991f04eeef47dfad23e533834995c26f7a cb167893f41e21e6bd283d78e53489289dc0592d < 15a901361ec3fb1c393f91880e1cbf24ec0a88bd
Linux / Linux
4.20

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/71a0fcb68c0a5f3ec912b540cd5d72148e6ee5f1 git.kernel.org: https://git.kernel.org/stable/c/53df27fd38f84bd3cd6b004eb4ff3c4903114f1d git.kernel.org: https://git.kernel.org/stable/c/547ef7e8cbb98f966c8719a3e15d4e078aaa9b47 git.kernel.org: https://git.kernel.org/stable/c/57177c5f47a8da852f8d76cf6945cf803f8bb9e5 git.kernel.org: https://git.kernel.org/stable/c/b379b3162ff55a70464c6a934ae9bf0497478a62 git.kernel.org: https://git.kernel.org/stable/c/a099834a51ccf9bbba3de86a251b3433539abfde git.kernel.org: https://git.kernel.org/stable/c/26bb7d991f04eeef47dfad23e533834995c26f7a git.kernel.org: https://git.kernel.org/stable/c/15a901361ec3fb1c393f91880e1cbf24ec0a88bd lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-265688.html