- Description
- In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-ptr-deref in qt2_process_read_urb() due to an incorrect bounds check in the following: if (newport > serial->num_ports) { dev_err(&port->dev, "%s - port change to invalid port: %i\n", __func__, newport); break; } The condition doesn't account for the valid range of the serial->port buffer, which is from 0 to serial->num_ports - 1. When newport is equal to serial->num_ports, the assignment of "port" in the following code is out-of-bounds and NULL: serial_priv->current_port = newport; port = serial->port[serial_priv->current_port]; The fix checks if newport is greater than or equal to serial->num_ports indicating it is out-of-bounds.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- nvd@nist.gov
- CWE-476
- Hype score
- Not currently trending
🚨 CVE-2025-21689 ❓ 🏢 Linux - Linux 🏗️ f7a33e608d9ae022b7f49307921627e34e9484ed 🔗 https://t.co/B7MRdJm9T6 🔗 https://t.co/GQWo35NI9N 🔗 https://t.co/sxNMr4V03b 🔗 https://t.co/xQ2Jb6rDKm 🔗 https://t.co/oBWJI1aL4z 🔗 https://t.co/VJ9lDCnmDr #CyberCron #VulnAlert https://t.co/I
@cybercronai
13 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-21689 02/10/2025 04:15:38 PM In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-... https://t.co/MfghIT7ZTs
@CVETracker
10 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-21689 ❓ 🏢 Linux - Linux 🏗️ f7a33e608d9ae022b7f49307921627e34e9484ed 🔗 https://t.co/B7MRdJm9T6 🔗 https://t.co/GQWo35NI9N 🔗 https://t.co/sxNMr4V03b 🔗 https://t.co/xQ2Jb6rDKm 🔗 https://t.co/oBWJI1aL4z 🔗 https://t.co/VJ9lDCnmDr #CyberCron #VulnAlert https://t.co/A
@cybercronai
10 Feb 2025
141 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
1 Quote
CVE-2025-21689 In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-… https://t.co/UoAdKwKJOp
@CVEnew
10 Feb 2025
204 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C332DF00-BEC8-45B0-8795-4706DA6CBD65",
"versionEndExcluding": "5.4.290",
"versionStartIncluding": "3.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F732162B-ED7E-4367-A5C2-B24FD9B0D33B",
"versionEndExcluding": "5.10.234",
"versionStartIncluding": "5.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "171159A1-9827-4C7B-821D-55398B837C49",
"versionEndExcluding": "5.15.178",
"versionStartIncluding": "5.11"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDB5047C-0330-407A-BE1B-513B5BF304DE",
"versionEndExcluding": "6.1.128",
"versionStartIncluding": "5.16"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8D39B53-7390-48BE-92FD-8846BE8E8430",
"versionEndExcluding": "6.6.75",
"versionStartIncluding": "6.2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B04C243A-753B-49A9-87C7-92FCC1425FB7",
"versionEndExcluding": "6.12.12",
"versionStartIncluding": "6.7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A3F9505-6B98-4269-8B81-127E55A1BF00"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DFCDFB8-4FD0-465A-9076-D813D78FE51B"
}
],
"operator": "OR"
}
]
}
]