CVE-2025-38123

{"id": "CVE-2025-38123", "cveTags": [], "metrics": {}, "published": "2025-07-03T09:15:26.427", "references": [{"url": "https://git.kernel.org/stable/c/66542e9430c625f878a5b5dc0fe41e3458d614bf", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/905fe0845bb27e4eed2ca27ea06e6c4847f1b2b1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cc89f457d9133a558d4e8ef26dc20843c2d12073", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e2df04e69c3f10b412f54be036dd0ed3b14756cf", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: t7xx: Fix napi rx poll issue\n\nWhen driver handles the napi rx polling requests, the netdev might\nhave been released by the dellink logic triggered by the disconnect\noperation on user plane. However, in the logic of processing skb in\npolling, an invalid netdev is still being used, which causes a panic.\n\nBUG: kernel NULL pointer dereference, address: 00000000000000f1\nOops: 0000 [#1] PREEMPT SMP NOPTI\nRIP: 0010:dev_gro_receive+0x3a/0x620\n[...]\nCall Trace:\n <IRQ>\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_t7xx_ccmni_recv_skb+0x10/0x10 [mtk_t7xx (HASH:1400 7)]\n ? dev_gro_receive+0x3a/0x620\n napi_gro_receive+0xad/0x170\n t7xx_ccmni_recv_skb+0x48/0x70 [mtk_t7xx (HASH:1400 7)]\n t7xx_dpmaif_napi_rx_poll+0x590/0x800 [mtk_t7xx (HASH:1400 7)]\n net_rx_action+0x103/0x470\n irq_exit_rcu+0x13a/0x310\n sysvec_apic_timer_interrupt+0x56/0x90\n </IRQ>"}], "lastModified": "2025-07-03T15:13:53.147", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}