CVE-2025-21888Improper Check or Handling of Exceptional Conditions in Linux

CWE-703Improper Check or Handling of Exceptional Conditions58 documents7 sources
Severity
5.5MEDIUMNVD
OSV7.8OSV4.7
EPSS
0.0%
top 84.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
16
LinuxLinux KernelDebian Linux+13 more
Timeline
PublishedMar 27
Latest updateDec 3

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type DM (device memory) do not have an associated umem. In the __mlx5_ib_dereg_mr() -> mlx5_free_priv_descs() flow, the code incorrectly takes the wrong branch, attempting to call dma_unmap_single() on a DMA address that is not mapped. This results in a WARN [1], as shown below. The issue is resolved by properly accounting for the DM type and ensuring

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages18 packages

NVDlinux/linux_kernel5.136.12.18+2
Debianlinux/linux_kernel< 6.12.19-1+1
Ubuntulinux/linux_kernel< 5.15.0-156.166+1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

28
OSV
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlate2025-12-03
OSV
linux-oracle-6.8 vulnerabilities2025-10-15
OSV
linux-nvidia-tegra-igx vulnerabilities2025-10-06
OSV
linux-oracle vulnerabilities2025-10-06
OSV
linux-azure, linux-azure-6.8 vulnerabilities2025-10-02

📋Vendor Advisories

29
Ubuntu
Linux kernel (Oracle) vulnerabilities2025-10-15
Ubuntu
Linux kernel (Oracle) vulnerabilities2025-10-06
Ubuntu
Linux kernel (NVIDIA Tegra IGX) vulnerabilities2025-10-06
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-10-02
Ubuntu
Linux kernel (HWE) vulnerabilities2025-10-02