CVE-2025-21935
Linux Rapidio rio_add_net Memory Leak Vulnerability
Description
In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. If it fails, put_device() should be called to free the memory and give up the reference initialized in rio_add_net().
INFO
Published Date :
April 1, 2025, 4:15 p.m.
Last Modified :
April 1, 2025, 8:26 p.m.
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Remotely Exploitable :
No
Impact Score :
Exploitability Score :
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-21935.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-21935 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2025-21935 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Apr. 01, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. If it fails, put_device() should be called to free the memory and give up the reference initialized in rio_add_net(). Added Reference https://git.kernel.org/stable/c/181d4daaefb3bceeb2f2635ba9f3781eeda9e550 Added Reference https://git.kernel.org/stable/c/4f3509cfcc02e9d757f2714bb7dbbeec35de6fa7 Added Reference https://git.kernel.org/stable/c/6d22953c4a183d0b7fdf34d68c5debd16da6edc5 Added Reference https://git.kernel.org/stable/c/a0d069ccc475abaaa79c6368ee27fc0b5912bea8 Added Reference https://git.kernel.org/stable/c/ad82be4298a89a9ae46f07128bdf3d8614bce745 Added Reference https://git.kernel.org/stable/c/c332f3e2df0fcae5a45fd55cc18902fb1e4825ca Added Reference https://git.kernel.org/stable/c/e6411c3b9512dba09af7d014d474516828c89706 Added Reference https://git.kernel.org/stable/c/e842f9a1edf306bf36fe2a4d847a0b0d458770de
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-21935 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-21935
weaknesses.