CVE-2025-21644NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference15 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 94.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJan 19
Latest updateApr 1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix tlb invalidation when wedging If GuC fails to load, the driver wedges, but in the process it tries to do stuff that may not be initialized yet. This moves the xe_gt_tlb_invalidation_init() to be done earlier: as its own doc says, it's a software-only initialization and should had been named with the _early() suffix. Move it to be called by xe_gt_init_early(), so the locks and seqno are initialized, avoiding a NULL

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.116.12.10+1
Debianlinux/linux_kernel< 6.12.10-1+1
CVEListV5linux/linuxc9474b726b932b5d555effd9ed0ae19f4da2367c09b94ddc58c6640cbbc7775a61a5387b8be71488+2
debiandebian/linux< linux 6.12.10-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

7
OSV
linux-raspi vulnerabilities2025-04-01
OSV
linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities2025-03-27
OSV
linux-oem-6.11 vulnerabilities2025-03-27
OSV
linux-lowlatency vulnerabilities2025-03-27
OSV
linux-lowlatency-hwe-6.11 vulnerabilities2025-03-27

📋Vendor Advisories

7
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-04-01
Ubuntu
Linux kernel (Low Latency) vulnerabilities2025-03-27
Ubuntu
Linux kernel (Low Latency) vulnerabilities2025-03-27
Ubuntu
Linux kernel vulnerabilities2025-03-27
Ubuntu
Linux kernel (OEM) vulnerabilities2025-03-27
CVE-2025-21644 — NULL Pointer Dereference in Linux | cvebase