Login Sign Up

CVE-2025-21783

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's gpiolib subsystem can cause kernel crashes when gpiochip_get_ngpios() is called via bgpio_init() with error conditions. This affects Linux systems using GPIO functionality, potentially leading to denial of service. The vulnerability requires local access to trigger.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but likely multiple stable kernel versions before the fix commits.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using GPIO functionality. The vulnerability triggers during GPIO chip initialization error handling.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash/kernel panic requiring reboot, potentially causing data loss or service disruption.

🟠

Likely Case

Local denial of service through kernel crash when specific GPIO operations fail during initialization.

🟢

If Mitigated

Minimal impact with proper access controls preventing unprivileged users from triggering the vulnerable code path.

🌐 Internet-Facing: LOW - Requires local access to trigger, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes with appropriate permissions could cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to trigger specific error conditions during GPIO initialization, typically needing appropriate permissions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 189fb76215e479c10731baabb50f1a352d2078f5, 4d9b2b62e1136d10f661ec4c0c268140b6f74f4f, 7b4aebeecbbd5b5fe73e35fad3f62ed21aa7ef44, a7052afa9eae2239e25943baa8817a6a56e8aa68

Vendor Advisory: https://git.kernel.org/stable/c/189fb76215e479c10731baabb50f1a352d2078f5

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable GPIO functionality

linux

Prevent use of GPIO subsystem if not required

modprobe -r gpiochip_module_name
echo 'blacklist gpiochip_module_name' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Restrict access to GPIO devices to trusted users only
  • Monitor system logs for kernel panic/crash events related to GPIO operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions from kernel git repository. Vulnerable if using kernel without the fix commits.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version contains one of the fix commit hashes: grep -q '189fb76215e479c10731baabb50f1a352d2078f5\|4d9b2b62e1136d10f661ec4c0c268140b6f74f4f\|7b4aebeecbbd5b5fe73e35fad3f62ed21aa7ef44\|a7052afa9eae2239e25943baa8817a6a56e8aa68' /proc/version

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • NULL pointer dereference errors in dmesg
  • GPIO-related crash reports

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "kernel panic" OR "GPIO")

📊 Metadata

CVE ID: CVE-2025-21783
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-476
EPSS Score: 0.04% exploit probability (10.5th percentile)
Published: February 27, 2025
Last Updated: October 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-21783, you might also want to check these:

CVE-2022-36648 10.0

This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed i...

Same vulnerability type (CWE-476)
CVE-2019-20914 9.8

This vulnerability in GNU LibreDWG is a NULL pointer dereference that can cause application crashes ...

Same vulnerability type (CWE-476)
CVE-2022-30592 9.8

This vulnerability in LiteSpeed QUIC (LSQUIC) before version 3.1.0 involves improper handling of MAX...

Same vulnerability type (CWE-476)