CVE-2025-38665
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-22

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct can_priv::do_set_mode callback. There are 2 code path that call struct can_priv::do_set_mode: - directly by a manual restart from the user space, via can_changelink() - delayed automatic restart after bus off (deactivated by default) To prevent the NULL pointer deference, refuse a manual restart or configure the automatic restart delay in can_changelink() and report the error via extack to user space. As an additional safety measure let can_restart() return an error if can_priv::do_set_mode is not set instead of dereferencing it unchecked.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-22
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-08-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-38665
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel 6.1.153
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a NULL pointer dereference in the Linux kernel's CAN (Controller Area Network) subsystem. It occurs when a CAN device is restarted from a Bus Off state and the driver does not implement the required callback function can_priv::do_set_mode. The vulnerability happens because the kernel code attempts to call this callback without checking if it is set, leading to a NULL pointer dereference and potential kernel crash or instability.

Impact Analysis

This vulnerability can cause the Linux kernel to crash or become unstable when a CAN device is restarted improperly, potentially leading to denial of service or system instability in environments using CAN devices.

Mitigation Strategies

To mitigate this vulnerability, ensure that the Linux kernel is updated to a version where the fix is applied. The fix prevents NULL pointer dereference by refusing manual restart or configuring automatic restart delay in can_changelink() and reporting errors properly. Therefore, applying the kernel update that includes this patch is the immediate step to prevent exploitation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-38665. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart