CVE-2025-21723
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21723
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21723.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21723
- Downstream
- Related
- Published
- 2025-02-27T02:07:30Z
- Modified
- 2025-10-17T21:16:50.306497Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- scsi: mpi3mr: Fix possible crash when setting up bsg fails
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix possible crash when setting up bsg fails
If bsgsetupqueue() fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit(), the condition "if(!mrioc->bsgqueue)" will not be satisfied, preventing execution from entering bsgremovequeue(), which could lead to the following crash:
BUG: kernel NULL pointer dereference, address: 000000000000041c Call Trace: <TASK> mpi3mrbsgexit+0x1f/0x50 [mpi3mr] mpi3mrremove+0x6f/0x340 [mpi3mr] pcideviceremove+0x3f/0xb0 devicereleasedriverinternal+0x19d/0x220 unbindstore+0xa4/0xb0 kernfsfopwriteiter+0x11f/0x200 vfswrite+0x1fc/0x3e0 ksyswrite+0x67/0xe0 dosyscall64+0x38/0x80 entrySYSCALL64afterhwframe+0x78/0xe2
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4268fa7513655a83d5492705591fdac6c65db48aFixed19b248069d1b1424982723a2bf3941ad864d5204
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4268fa7513655a83d5492705591fdac6c65db48aFixed832b8f95a2832321b8200ae478ed988b25faaef4
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4268fa7513655a83d5492705591fdac6c65db48aFixed295006f6e8c17212d3098811166e29627d19e05c
Affected versions
v5.*
v5.18
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"id": "CVE-2025-21723-023efe74",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_app.c",
"function": "mpi3mr_bsg_init"
},
"digest": {
"function_hash": "314842461029838438126146503481078988613",
"length": 756.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@295006f6e8c17212d3098811166e29627d19e05c"
},
{
"id": "CVE-2025-21723-078223e4",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
},
"digest": {
"line_hashes": [
"17033577370083454376350646283721284321",
"283890727680852026423554118530685657327",
"318226655733807486823978670328288795439",
"85206932440455049757634554855579563844",
"132327324132714086281639179433263732224",
"55761116933216384215111467194320943440",
"259784406367571660669669955573844267085",
"4293841962934392444318120120656960222",
"126795252975911848326725188455606434889",
"18465820379552302985419087244373158731",
"264644465059542627763740507390622707414",
"81809209827353412073430783453573823591",
"163024959367687913150223395619200303645",
"131954047978967146898478147391875694605",
"233548574783427236029521591909364667917"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@295006f6e8c17212d3098811166e29627d19e05c"
},
{
"id": "CVE-2025-21723-5e9e0ab2",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
},
"digest": {
"line_hashes": [
"17033577370083454376350646283721284321",
"283890727680852026423554118530685657327",
"318226655733807486823978670328288795439",
"85206932440455049757634554855579563844",
"132327324132714086281639179433263732224",
"55761116933216384215111467194320943440",
"259784406367571660669669955573844267085",
"4293841962934392444318120120656960222",
"126795252975911848326725188455606434889",
"18465820379552302985419087244373158731",
"264644465059542627763740507390622707414",
"81809209827353412073430783453573823591",
"163024959367687913150223395619200303645",
"131954047978967146898478147391875694605",
"233548574783427236029521591909364667917"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@832b8f95a2832321b8200ae478ed988b25faaef4"
},
{
"id": "CVE-2025-21723-69b9fd6c",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
},
"digest": {
"line_hashes": [
"17033577370083454376350646283721284321",
"283890727680852026423554118530685657327",
"318226655733807486823978670328288795439",
"85206932440455049757634554855579563844",
"132327324132714086281639179433263732224",
"55761116933216384215111467194320943440",
"259784406367571660669669955573844267085",
"4293841962934392444318120120656960222",
"126795252975911848326725188455606434889",
"18465820379552302985419087244373158731",
"264644465059542627763740507390622707414",
"81809209827353412073430783453573823591",
"163024959367687913150223395619200303645",
"131954047978967146898478147391875694605",
"233548574783427236029521591909364667917"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@19b248069d1b1424982723a2bf3941ad864d5204"
},
{
"id": "CVE-2025-21723-7d97d6f1",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_app.c",
"function": "mpi3mr_bsg_init"
},
"digest": {
"function_hash": "314842461029838438126146503481078988613",
"length": 756.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@19b248069d1b1424982723a2bf3941ad864d5204"
},
{
"id": "CVE-2025-21723-f658cb4d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_app.c",
"function": "mpi3mr_bsg_init"
},
"digest": {
"function_hash": "314842461029838438126146503481078988613",
"length": 756.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@832b8f95a2832321b8200ae478ed988b25faaef4"
}
]