CVE-2025-37787 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver: https://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/ The crash seems to be in devlink_region_destroy(), which is not NULL tolerant but is given a NULL devlink global region pointer. At least on some chips, some devlink regions are conditionally registered since the blamed commit, see mv88e6xxx_setup_devlink_regions_global(): if (cond && !cond(chip)) continue; These are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip does not have an STU or PVT, it should crash like this. To fix the issue, avoid unregistering those regions which are NULL, i.e. were skipped at mv88e6xxx_setup_devlink_regions_global() time.

Reserved 2025-04-16 | Published 2025-05-01 | Updated 2025-05-26 | Assigner Linux

Product status

Default status

unaffected

836021a2d0e0e4c90b895a35bd9c0342071855fb before 8ccdf5e24b276848eefb2755e05ff0f005a0c4a1

affected

836021a2d0e0e4c90b895a35bd9c0342071855fb before b3c70dfe51f10df60db2646c08cebd24bcdc5247

affected

836021a2d0e0e4c90b895a35bd9c0342071855fb before bbb80f004f7a90c3dcaacc982c59967457254a05

affected

836021a2d0e0e4c90b895a35bd9c0342071855fb before 3665695e3572239dc233216f06b41f40cc771889

affected

836021a2d0e0e4c90b895a35bd9c0342071855fb before 5f5e95945bb1e08be7655da6acba648274db457d

affected

836021a2d0e0e4c90b895a35bd9c0342071855fb before c84f6ce918a9e6f4996597cbc62536bbf2247c96

affected

Default status

affected

5.13

affected

Any version before 5.13

unaffected

5.15.181

unaffected

6.1.135

unaffected

6.6.88

unaffected

6.12.25

unaffected

6.14.4

unaffected

6.15

unaffected

References

git.kernel.org/...c/8ccdf5e24b276848eefb2755e05ff0f005a0c4a1

git.kernel.org/...c/b3c70dfe51f10df60db2646c08cebd24bcdc5247

git.kernel.org/...c/bbb80f004f7a90c3dcaacc982c59967457254a05

git.kernel.org/...c/3665695e3572239dc233216f06b41f40cc771889

git.kernel.org/...c/5f5e95945bb1e08be7655da6acba648274db457d

git.kernel.org/...c/c84f6ce918a9e6f4996597cbc62536bbf2247c96

cve.org (CVE-2025-37787)

nvd.nist.gov (CVE-2025-37787)

Download JSON