CVE-2025-21904
Published: Apr 1, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: caif_virtio: fix wrong pointer check in cfv_probe() del_vqs() frees virtqueues, therefore cfv->vq_tx pointer should be checked for NULL before calling it, not cfv->vdev. Also the current implementation is redundant because the pointer cfv->vdev is dereferenced before it is checked for NULL. Fix this by checking cfv->vq_tx for NULL instead of cfv->vdev before calling del_vqs().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0d2e1a2926b1839a4b74519e660739b2566c9386 - < 990fff6980d0c1693d60a812f58dbf93eab0473faffected 0d2e1a2926b1839a4b74519e660739b2566c9386 - < 7b5fe58959822e6cfa884327cabba6be3b01883daffected 0d2e1a2926b1839a4b74519e660739b2566c9386 - < 8e4e08ca4cc634b337bb74bc9a70758fdeda0bcbaffected 0d2e1a2926b1839a4b74519e660739b2566c9386 - < 29e0cd296c87240278e2f7ea4cf3f496b60c03afaffected 0d2e1a2926b1839a4b74519e660739b2566c9386 - < 90d302619ee7ce5ed0c69c29c290bdccfde66418+3 more versions |
Linux | Linux | affected 3.10unaffected 0 - < 3.10unaffected 5.4.291 - <= 5.4.*unaffected 5.10.235 - <= 5.10.*unaffected 5.15.179 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now