CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-21798: firewire: test: Fix potential null dereference in firewire kunit test

Description

In the Linux kernel, the following vulnerability has been resolved:

firewire: test: Fix potential null dereference in firewire kunit test

kunit_kzalloc() may return a NULL pointer, dereferencing it without
NULL check may lead to NULL dereference.
Add a NULL check for test_state.

Classification

CVE ID: CVE-2025-21798

Affected Products

Vendor: Linux, Linux

Product: Linux, Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 1.73% (scored less or equal to compared to others)

EPSS Date: 2025-03-28 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-21798
https://git.kernel.org/stable/c/c6896bf4c611c3dd126f3e03685f2360a18b3d6f
https://git.kernel.org/stable/c/70fcb25472d90dd3b87cbee74b9eb68670b0c7b8
https://git.kernel.org/stable/c/352fafe97784e81a10a7c74bd508f71a19b53c2a

Timeline