CVE-2025-21975

net/mlx5: handle errors in mlx5_chains_create_table()

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns() and mlx5_get_flow_namespace() must be checked to prevent NULL pointer dereferences. If either function fails, the function should log error message with mlx5_core_warn() and return error pointer.

N/A
CVSS
Severity:
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/15bdd93728369b2c8942a8e5d549d4b5dc04a2d9
https://git.kernel.org/stable/c/29c419c64e9b396baeda1d8713d2aa3ba7c0acf6
https://git.kernel.org/stable/c/1598307c914ba3d2642a2b03d1ff11efbdb7c6c2
https://git.kernel.org/stable/c/637105ef0d46fe5beac15aceb431da3ec832bb00
https://git.kernel.org/stable/c/1d34296409a519b4027750e3e82d9e19553a7398
https://git.kernel.org/stable/c/093b4aaec97ec048623e3fe1e516fc45a954d412
https://git.kernel.org/stable/c/eab0396353be1c778eba1c0b5180176f04dd21ce

Frequently Asked Questions

What is the severity of CVE-2025-21975?
CVE-2025-21975 has not yet been assigned a CVSS score.
How to fix CVE-2025-21975?
To fix CVE-2025-21975, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-21975 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-21975 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-21975?
CVE-2025-21975 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.