CVE-2025-21773
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21773
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21773.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21773
- Downstream
- Related
- Published
- 2025-02-27T02:18:20Z
- Modified
- 2025-10-17T21:39:15.671226Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
can: etas_es58x: fix potential NULL pointer dereference on udev->serial
The driver assumed that es58x_dev->udev->serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device identity providing a NULL USB serial number. That would trigger a NULL pointer dereference.
Add a check on es58x_dev->udev->serial before accessing it.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1590667a60753ee5a54871f2840ceefd4a7831fa
- https://git.kernel.org/stable/c/5059ea98d7bc133903d3e47ab36df6ed11d0c95f
- https://git.kernel.org/stable/c/722e8e1219c8b6ac2865011fe339315d6a8d0721
- https://git.kernel.org/stable/c/a1ad2109ce41c9e3912dadd07ad8a9c640064ffb
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9f06631c3f1f0f298536443df85a6837ba4c5f5cFixed1590667a60753ee5a54871f2840ceefd4a7831fa
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9f06631c3f1f0f298536443df85a6837ba4c5f5cFixed722e8e1219c8b6ac2865011fe339315d6a8d0721
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9f06631c3f1f0f298536443df85a6837ba4c5f5cFixed5059ea98d7bc133903d3e47ab36df6ed11d0c95f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9f06631c3f1f0f298536443df85a6837ba4c5f5cFixeda1ad2109ce41c9e3912dadd07ad8a9c640064ffb
Affected versions
v6.*
v6.1
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.13.3
v6.14-rc1
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"id": "CVE-2025-21773-026d884f",
"signature_version": "v1",
"digest": {
"length": 1061.0,
"function_hash": "254381591604199686299348530311121468798"
},
"target": {
"function": "es58x_devlink_info_get",
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1590667a60753ee5a54871f2840ceefd4a7831fa"
},
{
"signature_type": "Line",
"id": "CVE-2025-21773-0f1ea32c",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"211229695735404882818378227828898203729",
"44961197775626568028297109559599782129",
"7481805705222947569065966125247852411",
"44482395220087883556060558529086823785"
]
},
"target": {
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a1ad2109ce41c9e3912dadd07ad8a9c640064ffb"
},
{
"signature_type": "Function",
"id": "CVE-2025-21773-15ebeda6",
"signature_version": "v1",
"digest": {
"length": 1061.0,
"function_hash": "254381591604199686299348530311121468798"
},
"target": {
"function": "es58x_devlink_info_get",
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a1ad2109ce41c9e3912dadd07ad8a9c640064ffb"
},
{
"signature_type": "Function",
"id": "CVE-2025-21773-185f2a9e",
"signature_version": "v1",
"digest": {
"length": 1061.0,
"function_hash": "254381591604199686299348530311121468798"
},
"target": {
"function": "es58x_devlink_info_get",
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@722e8e1219c8b6ac2865011fe339315d6a8d0721"
},
{
"signature_type": "Line",
"id": "CVE-2025-21773-27f18ab7",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"211229695735404882818378227828898203729",
"44961197775626568028297109559599782129",
"7481805705222947569065966125247852411",
"44482395220087883556060558529086823785"
]
},
"target": {
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5059ea98d7bc133903d3e47ab36df6ed11d0c95f"
},
{
"signature_type": "Line",
"id": "CVE-2025-21773-6003caf9",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"211229695735404882818378227828898203729",
"44961197775626568028297109559599782129",
"7481805705222947569065966125247852411",
"44482395220087883556060558529086823785"
]
},
"target": {
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1590667a60753ee5a54871f2840ceefd4a7831fa"
},
{
"signature_type": "Line",
"id": "CVE-2025-21773-db8c301d",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"211229695735404882818378227828898203729",
"44961197775626568028297109559599782129",
"7481805705222947569065966125247852411",
"44482395220087883556060558529086823785"
]
},
"target": {
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@722e8e1219c8b6ac2865011fe339315d6a8d0721"
},
{
"signature_type": "Function",
"id": "CVE-2025-21773-e7eb5b0d",
"signature_version": "v1",
"digest": {
"length": 1061.0,
"function_hash": "254381591604199686299348530311121468798"
},
"target": {
"function": "es58x_devlink_info_get",
"file": "drivers/net/can/usb/etas_es58x/es58x_devlink.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5059ea98d7bc133903d3e47ab36df6ed11d0c95f"
}
]