Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2025-38123

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/07/2025
Last modified:
03/07/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: wwan: t7xx: Fix napi rx poll issue<br /> <br /> When driver handles the napi rx polling requests, the netdev might<br /> have been released by the dellink logic triggered by the disconnect<br /> operation on user plane. However, in the logic of processing skb in<br /> polling, an invalid netdev is still being used, which causes a panic.<br /> <br /> BUG: kernel NULL pointer dereference, address: 00000000000000f1<br /> Oops: 0000 [#1] PREEMPT SMP NOPTI<br /> RIP: 0010:dev_gro_receive+0x3a/0x620<br /> [...]<br /> Call Trace:<br /> <br /> ? __die_body+0x68/0xb0<br /> ? page_fault_oops+0x379/0x3e0<br /> ? exc_page_fault+0x4f/0xa0<br /> ? asm_exc_page_fault+0x22/0x30<br /> ? __pfx_t7xx_ccmni_recv_skb+0x10/0x10 [mtk_t7xx (HASH:1400 7)]<br /> ? dev_gro_receive+0x3a/0x620<br /> napi_gro_receive+0xad/0x170<br /> t7xx_ccmni_recv_skb+0x48/0x70 [mtk_t7xx (HASH:1400 7)]<br /> t7xx_dpmaif_napi_rx_poll+0x590/0x800 [mtk_t7xx (HASH:1400 7)]<br /> net_rx_action+0x103/0x470<br /> irq_exit_rcu+0x13a/0x310<br /> sysvec_apic_timer_interrupt+0x56/0x90<br />

Impact

References to Advisories, Solutions, and Tools