CVE-2025-68213
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: idpf: fix possible vport_config NULL pointer deref in remove Attempting to remove the driver will cause a crash in cases where the vport failed to initialize. Following trace is from an instance where the driver failed during an attempt to create a VF: [ 1661.543624] idpf 0000:84:00.7: Device HW Reset initiated [ 1722.923726] idpf 0000:84:00.7: Transaction timed-out (op:1 cookie:2900 vc_op:1 salt:29 timeout:60000ms) [ 1723.353263] BUG: kernel NULL pointer dereference, address: 0000000000000028 ... [ 1723.358472] RIP: 0010:idpf_remove+0x11c/0x200 [idpf] ... [ 1723.364973] Call Trace: [ 1723.365475] <TASK> [ 1723.365972] pci_device_remove+0x42/0xb0 [ 1723.366481] device_release_driver_internal+0x1a9/0x210 [ 1723.366987] pci_stop_bus_device+0x6d/0x90 [ 1723.367488] pci_stop_and_remove_bus_device+0x12/0x20 [ 1723.367971] pci_iov_remove_virtfn+0xbd/0x120 [ 1723.368309] sriov_disable+0x34/0xe0 [ 1723.368643] idpf_sriov_configure+0x58/0x140 [idpf] [ 1723.368982] sriov_numvfs_store+0xda/0x1c0 Avoid the NULL pointer dereference by adding NULL pointer check for vport_config[i], before freeing user_config.q_coalesce.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-18
Generated
2026-05-07
AI Q&A
2025-12-16
EPSS Evaluated
2026-05-05
NVD
CVE-2025-68213
EUVD
EUVD-2025-203683
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
intel idpf *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a NULL pointer dereference in the Linux kernel's idpf driver. It occurs when attempting to remove the driver in cases where the virtual port (vport) failed to initialize, such as during a failed attempt to create a virtual function (VF). The issue causes a kernel crash due to dereferencing a NULL pointer without checking if the pointer is valid before freeing related resources.


How can this vulnerability impact me? :

This vulnerability can cause the Linux kernel to crash when the idpf driver is removed under certain failure conditions. Such crashes can lead to system instability, downtime, and potential loss of data or service availability.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring the system logs for kernel crash messages related to the idpf driver. Specifically, look for kernel NULL pointer dereference errors and messages similar to the following in dmesg or /var/log/kern.log: - "idpf: Device HW Reset initiated" - "Transaction timed-out" - "BUG: kernel NULL pointer dereference" - Call trace involving idpf_remove and pci_device_remove You can use the command `dmesg | grep -i idpf` or `journalctl -k | grep -i idpf` to search for these messages.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability immediately, avoid removing the idpf driver when the vport has failed to initialize, as this triggers the NULL pointer dereference. Applying the patch that adds a NULL pointer check for vport_config before freeing user_config.q_coalesce will prevent the crash. Until the patch is applied, avoid operations that remove the driver or disable SR-IOV on affected devices to prevent triggering the issue.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart