CVE-2025-21954

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 01/04/2025
Last modified: 31/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

netmem: prevent TX of unreadable skbs

Currently on stable trees we have support for netmem/devmem RX but not TX. It is not safe to forward/redirect an RX unreadable netmem packet into the device's TX path, as the device may call dma-mapping APIs on dma addrs that should not be passed to it.

Fix this by preventing the xmit of unreadable skbs.

Tested by configuring tc redirect:

    sudo tc qdisc add dev eth1 ingress
    sudo tc filter add dev eth1 ingress protocol ip prio 1 flower ip_proto \
        tcp src_ip 192.168.1.12 action mirred egress redirect dev eth1

Before, I see unreadable skbs in the driver's TX path passed to dma mapping APIs.

After, I don't see unreadable skbs in the driver's TX path passed to dma mapping APIs.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.12 (including) 6.12.20 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.13 (including) 6.13.8 (excluding)
cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc6:*:*:*:*:*:*
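
A way to check a kernel release string against the version ranges in the table above. This is an added example, not part of the advisory or the kernel project; the function names are hypothetical and the sample release strings are constructed.

```python
import platform
import re

# Affected upstream ranges copied from the CPE table on this page:
# (first affected, first fixed); the upper bound is exclusive.
AFFECTED_RANGES = [((6, 12, 0), (6, 12, 20)), ((6, 13, 0), (6, 13, 8))]
# 6.14 pre-releases the page lists individually: rc1 through rc6.
AFFECTED_RCS = {(6, 14, n) for n in range(1, 7)}

_RELEASE_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-rc(\d+))?")


def parse_release(release):
    """Split a `uname -r` style string into ((major, minor, patch), rc)."""
    m = _RELEASE_RE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    version = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    rc = int(m.group(4)) if m.group(4) else None
    return version, rc


def is_listed_affected(release):
    """True if the release falls inside a range listed on this page.

    Only the version number is compared: a distribution kernel can carry
    the fix as a backport without changing its base version.
    """
    version, rc = parse_release(release)
    if rc is not None and version[2] == 0:
        # Mainline pre-release such as 6.14.0-rc3 or 6.14-rc3.
        return (version[0], version[1], rc) in AFFECTED_RCS
    # Releases (and stable -rc builds) are compared by base version.
    return any(lo <= version < hi for lo, hi in AFFECTED_RANGES)


if __name__ == "__main__":
    # Constructed sample strings, followed by the running kernel.
    for rel in ["6.12.19-1-amd64", "6.12.20", "6.14.0-rc6+", platform.release()]:
        try:
            print(f"{rel}: listed affected = {is_listed_affected(rel)}")
        except ValueError as exc:
            print(f"{rel}: {exc}")
```

A positive result on a distribution kernel means the base version is in a listed range; confirm against the vendor's changelog before treating the host as unpatched.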