CVE-2025-21833

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.10.142-1-generic Linux kernel versions prior to 5.10.142-1-hardened Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the iommu/vt-d component. Specifically, the issue involves a potential null pointer dereference following a warning message. A WARN ON ONCE mechanism is in place to detect an unusual scenario where the pasid cannot be located by the domain remove dev pasid function. However, if this situation occurs, the code does not prevent the subsequent use of a null pointer, which could lead to system instability or other undefined behavior. The domain remove dev pasid function is involved in removing a device's process address space ID (pasid).

Recommendations Update to Linux kernel version 5.10.142-1-generic or later. Update to Linux kernel version 5.10.142-1-hardened or later. At the moment, there is no information about a newer version that contains a fix for this vulnerability.