CVE-2025-21810

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A potential wild pointer dereferences issue exists in the Linux kernel regarding the APIs class dev iter init(), class dev iter next(), and class dev iter exit(). The issue arises when the class dev iter init() function does not initialize its output parameter @iter and returns void, allowing the caller to continue invoking class dev iter next(@iter) even if @iter still contains wild pointers. This can lead to dereferences of these wild pointers, causing errors. The issue is resolved by initializing the output parameter @iter by memset() in class dev iter init() and prompting callers of errors by pr crit(). Additionally, class dev iter next() now checks if @iter is valid.

Recommendations For the Linux kernel, to resolve this issue, apply the fix that initializes the output parameter @iter by memset() in class dev iter init() and implements error checking in class dev iter next(). As a temporary workaround, consider adding manual checks for the validity of @iter before invoking class dev iter next() to minimize the risk of exploitation.