Description

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: fix potential NULL pointer dereference on udev->serial The driver assumed that es58x_dev->udev->serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device identity providing a NULL USB serial number. That would trigger a NULL pointer dereference. Add a check on es58x_dev->udev->serial before accessing it.

INFO

Published Date :

2025-02-27T02:18:20.013Z

Last Modified :

2025-10-01T19:36:40.601Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-21773 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-21773.

URL Resource
https://git.kernel.org/stable/c/1590667a60753ee5a54871f2840ceefd4a7831fa cve-icon cve-icon
https://git.kernel.org/stable/c/5059ea98d7bc133903d3e47ab36df6ed11d0c95f cve-icon cve-icon
https://git.kernel.org/stable/c/722e8e1219c8b6ac2865011fe339315d6a8d0721 cve-icon cve-icon
https://git.kernel.org/stable/c/a1ad2109ce41c9e3912dadd07ad8a9c640064ffb cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2025-21773-2ee7@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-21773 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-21773 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact