You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 21957
About this tag
CVE-2025-21957 is a Linux kernel vulnerability in the qla1280 SCSI driver that can cause a denial-of-service via a null-pointer dereference. The issue only triggers when the driver is built with debugging enabled and the debug level exceeds 2. A targeted upstream patch has been released to fix the null dereference. Discussions on WindowsForum cover the technical details of the vulnerability, the affected driver code, and the patch that prevents the kernel oops. This tag is relevant for Linux system administrators and security professionals tracking kernel CVEs, particularly those managing systems with QLogic 12xx-series SCSI or Fibre Channel devices.
A small, targeted fix landed upstream this spring to close CVE-2025-21957 — a null‑dereference in the Linux SCSI qla1280 driver that can trigger a kernel oops (and therefore a denial-of-service) when the driver is built with its debugging path enabled and the runtime debug level exceeds 2...