5.5
CVE-2025-21957
- EPSS 0.03%
- Veröffentlicht 01.04.2025 16:15:26
- Zuletzt bearbeitet 03.11.2025 20:17:32
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level > 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUG_QLA1280 enabled and ql_debug_level > 2. I think its clear from the code that the intention here is sg_dma_len(s) not length of sg_next(s) when printing the debug info.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.4.292
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.236
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.180
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.132
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.84
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.20
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.8
Linux ≫ Linux Kernel Version6.14 Updaterc1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.075 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.