cve-2025-37787
Vulnerability from cvelistv5
Published
2025-05-01 13:07
Modified
2025-05-04 07:32
Severity ?
EPSS score ?
Summary
net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered
References
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/dsa/mv88e6xxx/devlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8ccdf5e24b276848eefb2755e05ff0f005a0c4a1",
"status": "affected",
"version": "836021a2d0e0e4c90b895a35bd9c0342071855fb",
"versionType": "git"
},
{
"lessThan": "b3c70dfe51f10df60db2646c08cebd24bcdc5247",
"status": "affected",
"version": "836021a2d0e0e4c90b895a35bd9c0342071855fb",
"versionType": "git"
},
{
"lessThan": "bbb80f004f7a90c3dcaacc982c59967457254a05",
"status": "affected",
"version": "836021a2d0e0e4c90b895a35bd9c0342071855fb",
"versionType": "git"
},
{
"lessThan": "3665695e3572239dc233216f06b41f40cc771889",
"status": "affected",
"version": "836021a2d0e0e4c90b895a35bd9c0342071855fb",
"versionType": "git"
},
{
"lessThan": "5f5e95945bb1e08be7655da6acba648274db457d",
"status": "affected",
"version": "836021a2d0e0e4c90b895a35bd9c0342071855fb",
"versionType": "git"
},
{
"lessThan": "c84f6ce918a9e6f4996597cbc62536bbf2247c96",
"status": "affected",
"version": "836021a2d0e0e4c90b895a35bd9c0342071855fb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/dsa/mv88e6xxx/devlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.135",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.25",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15-rc3",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.135",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.88",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.25",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.4",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15-rc3",
"versionStartIncluding": "5.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:32:35.404Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8ccdf5e24b276848eefb2755e05ff0f005a0c4a1"
},
{
"url": "https://git.kernel.org/stable/c/b3c70dfe51f10df60db2646c08cebd24bcdc5247"
},
{
"url": "https://git.kernel.org/stable/c/bbb80f004f7a90c3dcaacc982c59967457254a05"
},
{
"url": "https://git.kernel.org/stable/c/3665695e3572239dc233216f06b41f40cc771889"
},
{
"url": "https://git.kernel.org/stable/c/5f5e95945bb1e08be7655da6acba648274db457d"
},
{
"url": "https://git.kernel.org/stable/c/c84f6ce918a9e6f4996597cbc62536bbf2247c96"
}
],
"title": "net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37787",
"datePublished": "2025-05-01T13:07:21.593Z",
"dateReserved": "2025-04-16T04:51:23.940Z",
"dateUpdated": "2025-05-04T07:32:35.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-37787\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-05-01T14:15:43.040\",\"lastModified\":\"2025-05-02T13:53:20.943\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\\n\\nRussell King reports that a system with mv88e6xxx dereferences a NULL\\npointer when unbinding this driver:\\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\\n\\nThe crash seems to be in devlink_region_destroy(), which is not NULL\\ntolerant but is given a NULL devlink global region pointer.\\n\\nAt least on some chips, some devlink regions are conditionally registered\\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\\n\\n\\t\\tif (cond \u0026\u0026 !cond(chip))\\n\\t\\t\\tcontinue;\\n\\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\\ndoes not have an STU or PVT, it should crash like this.\\n\\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: mv88e6xxx: evitar anular el registro de regiones devlink que nunca se registraron Russell King informa que un sistema con mv88e6xxx desreferencia un puntero NULL al desvincular este controlador: https://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/ El fallo parece estar en devlink_region_destroy(), que no tolera NULL pero se le asigna un puntero de regi\u00f3n global devlink NULL. Al menos en algunos chips, algunas regiones devlink se registran condicionalmente desde la confirmaci\u00f3n culpable, consulte mv88e6xxx_setup_devlink_regions_global(): if (cond \u0026amp;\u0026amp; !cond(chip)) continue; Estos son MV88E6XXX_REGION_STU y MV88E6XXX_REGION_PVT. Si el chip no tiene una STU o PVT, deber\u00eda fallar de esta manera. Para solucionar el problema, evite anular el registro de las regiones nulas, es decir, las que se omitieron al ejecutar mv88e6xxx_setup_devlink_regions_global().\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3665695e3572239dc233216f06b41f40cc771889\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/5f5e95945bb1e08be7655da6acba648274db457d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8ccdf5e24b276848eefb2755e05ff0f005a0c4a1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b3c70dfe51f10df60db2646c08cebd24bcdc5247\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bbb80f004f7a90c3dcaacc982c59967457254a05\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c84f6ce918a9e6f4996597cbc62536bbf2247c96\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.