PT-2025-8992 · Linux+4 · Linux Kernel+4

Claudiu Beznea

·

Published

2025-01-29

·

Updated

2026-05-26

·

CVE-2025-21801

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.13.0-rc7-next-20250116-arm64-renesas-00002-g35245dfdc62c
Description A vulnerability in the Linux kernel has been resolved, specifically in the ravb driver. The issue was related to missing rtnl lock in the suspend/resume path, which could lead to conflicts with ongoing ndo operations. Without the fix, a warning about suspicious RCU usage is triggered. The vulnerability affects the ravb open, ravb close, and wol operations, which must be performed under the rtnl lock.
Recommendations To resolve the issue, update to a version of the Linux kernel that includes the fix for the missing rtnl lock in the suspend/resume path. As a temporary workaround, consider ensuring that calls to ravb open, ravb close, and wol operations are performed under the rtnl lock to prevent conflicts with ongoing ndo operations.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

AZL-62612
AZL-69485
BDU:2026-03286
CVE-2025-21801
ECHO-2377-CC5E-C479
OESA-2025-2407
OESA-2025-2408
OESA-2025-2532
OESA-2025-2536
OESA-2025-2537
USN-7521-1
USN-7521-2
USN-7521-3
USN-7651-1
USN-7651-2
USN-7651-3
USN-7651-4
USN-7651-5
USN-7651-6
USN-7652-1
USN-7653-1
USN-7737-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Ubuntu