{"vulnerability": "CVE-2025-21649", "sightings": [{"uuid": "a20f693e-72c0-4a50-ab56-9a04e896062c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21649", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3p4pi2jp2h", "content": "", "creation_timestamp": "2025-01-19T11:16:10.560372Z"}, {"uuid": "9a5836eb-27b1-4a9f-b6e9-1b3f1b5b52da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21649", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113854777192747347", "content": "", "creation_timestamp": "2025-01-19T11:27:09.783829Z"}, {"uuid": "6a784d26-6361-49fc-a889-ba25b4f57630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21649", "type": "seen", "source": "https://t.me/cvedetector/15827", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21649 - Here is the title for the vulnerability: \"Huawei HNS3 Net Driver Null Pointer Dereference Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-21649 \nPublished : Jan. 19, 2025, 11:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: hns3: fix kernel crash when 1588 is sent on HIP08 devices  \n  \nCurrently, HIP08 devices does not register the ptp devices, so the  \nhdev-&gt;ptp is NULL. But the tx process would still try to set hardware time  \nstamp info with SKBTX_HW_TSTAMP flag and cause a kernel crash.  \n  \n[  128.087798] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018  \n...  \n[  128.280251] pc : hclge_ptp_set_tx_info+0x2c/0x140 [hclge]  \n[  128.286600] lr : hclge_ptp_set_tx_info+0x20/0x140 [hclge]  \n[  128.292938] sp : ffff800059b93140  \n[  128.297200] x29: ffff800059b93140 x28: 0000000000003280  \n[  128.303455] x27: ffff800020d48280 x26: ffff0cb9dc814080  \n[  128.309715] x25: ffff0cb9cde93fa0 x24: 0000000000000001  \n[  128.315969] x23: 0000000000000000 x22: 0000000000000194  \n[  128.322219] x21: ffff0cd94f986000 x20: 0000000000000000  \n[  128.328462] x19: ffff0cb9d2a166c0 x18: 0000000000000000  \n[  128.334698] x17: 0000000000000000 x16: ffffcf1fc523ed24  \n[  128.340934] x15: 0000ffffd530a518 x14: 0000000000000000  \n[  128.347162] x13: ffff0cd6bdb31310 x12: 0000000000000368  \n[  128.353388] x11: ffff0cb9cfbc7070 x10: ffff2cf55dd11e02  \n[  128.359606] x9 : ffffcf1f85a212b4 x8 : ffff0cd7cf27dab0  \n[  128.365831] x7 : 0000000000000a20 x6 : ffff0cd7cf27d000  \n[  128.372040] x5 : 0000000000000000 x4 : 000000000000ffff  \n[  128.378243] x3 : 0000000000000400 x2 : ffffcf1f85a21294  \n[  128.384437] x1 : ffff0cb9db520080 x0 : ffff0cb9db500080  \n[  128.390626] Call trace:  \n[  128.393964]  hclge_ptp_set_tx_info+0x2c/0x140 [hclge]  \n[  128.399893]  hns3_nic_net_xmit+0x39c/0x4c4 [hns3]  \n[  128.405468]  xmit_one.constprop.0+0xc4/0x200  \n[  128.410600]  dev_hard_start_xmit+0x54/0xf0  \n[  128.415556]  sch_direct_xmit+0xe8/0x634  \n[  128.420246]  __dev_queue_xmit+0x224/0xc70  \n[  128.425101]  dev_queue_xmit+0x1c/0x40  \n[  128.429608]  ovs_vport_send+0xac/0x1a0 [openvswitch]  \n[  128.435409]  do_output+0x60/0x17c [openvswitch]  \n[  128.440770]  do_execute_actions+0x898/0x8c4 [openvswitch]  \n[  128.446993]  ovs_execute_actions+0x64/0xf0 [openvswitch]  \n[  128.453129]  ovs_dp_process_packet+0xa0/0x224 [openvswitch]  \n[  128.459530]  ovs_vport_receive+0x7c/0xfc [openvswitch]  \n[  128.465497]  internal_dev_xmit+0x34/0xb0 [openvswitch]  \n[  128.471460]  xmit_one.constprop.0+0xc4/0x200  \n[  128.476561]  dev_hard_start_xmit+0x54/0xf0  \n[  128.481489]  __dev_queue_xmit+0x968/0xc70  \n[  128.486330]  dev_queue_xmit+0x1c/0x40  \n[  128.490856]  ip_finish_output2+0x250/0x570  \n[  128.495810]  __ip_finish_output+0x170/0x1e0  \n[  128.500832]  ip_finish_output+0x3c/0xf0  \n[  128.505504]  ip_output+0xbc/0x160  \n[  128.509654]  ip_send_skb+0x58/0xd4  \n[  128.513892]  udp_send_skb+0x12c/0x354  \n[  128.518387]  udp_sendmsg+0x7a8/0x9c0  \n[  128.522793]  inet_sendmsg+0x4c/0x8c  \n[  128.527116]  __sock_sendmsg+0x48/0x80  \n[  128.531609]  __sys_sendto+0x124/0x164  \n[  128.536099]  __arm64_sys_sendto+0x30/0x5c  \n[  128.540935]  invoke_syscall+0x50/0x130  \n[  128.545508]  el0_svc_common.constprop.0+0x10c/0x124  \n[  128.551205]  do_el0_svc+0x34/0xdc  \n[  128.555347]  el0_svc+0x20/0x30  \n[  128.559227]  el0_sync_handler+0xb8/0xc0  \n[  128.563883]  el0_sync+0x160/0x180 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:07:12.000000Z"}, {"uuid": "cbc043cc-22f5-425c-a8a6-ac76d773035e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21649", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "b6fec4a4-5393-4071-810f-5ef11a152e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21649", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2318", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21649\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when 1588 is sent on HIP08 devices\n\nCurrently, HIP08 devices does not register the ptp devices, so the\nhdev-&gt;ptp is NULL. But the tx process would still try to set hardware time\nstamp info with SKBTX_HW_TSTAMP flag and cause a kernel crash.\n\n[  128.087798] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n...\n[  128.280251] pc : hclge_ptp_set_tx_info+0x2c/0x140 [hclge]\n[  128.286600] lr : hclge_ptp_set_tx_info+0x20/0x140 [hclge]\n[  128.292938] sp : ffff800059b93140\n[  128.297200] x29: ffff800059b93140 x28: 0000000000003280\n[  128.303455] x27: ffff800020d48280 x26: ffff0cb9dc814080\n[  128.309715] x25: ffff0cb9cde93fa0 x24: 0000000000000001\n[  128.315969] x23: 0000000000000000 x22: 0000000000000194\n[  128.322219] x21: ffff0cd94f986000 x20: 0000000000000000\n[  128.328462] x19: ffff0cb9d2a166c0 x18: 0000000000000000\n[  128.334698] x17: 0000000000000000 x16: ffffcf1fc523ed24\n[  128.340934] x15: 0000ffffd530a518 x14: 0000000000000000\n[  128.347162] x13: ffff0cd6bdb31310 x12: 0000000000000368\n[  128.353388] x11: ffff0cb9cfbc7070 x10: ffff2cf55dd11e02\n[  128.359606] x9 : ffffcf1f85a212b4 x8 : ffff0cd7cf27dab0\n[  128.365831] x7 : 0000000000000a20 x6 : ffff0cd7cf27d000\n[  128.372040] x5 : 0000000000000000 x4 : 000000000000ffff\n[  128.378243] x3 : 0000000000000400 x2 : ffffcf1f85a21294\n[  128.384437] x1 : ffff0cb9db520080 x0 : ffff0cb9db500080\n[  128.390626] Call trace:\n[  128.393964]  hclge_ptp_set_tx_info+0x2c/0x140 [hclge]\n[  128.399893]  hns3_nic_net_xmit+0x39c/0x4c4 [hns3]\n[  128.405468]  xmit_one.constprop.0+0xc4/0x200\n[  128.410600]  dev_hard_start_xmit+0x54/0xf0\n[  128.415556]  sch_direct_xmit+0xe8/0x634\n[  128.420246]  __dev_queue_xmit+0x224/0xc70\n[  128.425101]  dev_queue_xmit+0x1c/0x40\n[  128.429608]  ovs_vport_send+0xac/0x1a0 [openvswitch]\n[  128.435409]  do_output+0x60/0x17c [openvswitch]\n[  128.440770]  do_execute_actions+0x898/0x8c4 [openvswitch]\n[  128.446993]  ovs_execute_actions+0x64/0xf0 [openvswitch]\n[  128.453129]  ovs_dp_process_packet+0xa0/0x224 [openvswitch]\n[  128.459530]  ovs_vport_receive+0x7c/0xfc [openvswitch]\n[  128.465497]  internal_dev_xmit+0x34/0xb0 [openvswitch]\n[  128.471460]  xmit_one.constprop.0+0xc4/0x200\n[  128.476561]  dev_hard_start_xmit+0x54/0xf0\n[  128.481489]  __dev_queue_xmit+0x968/0xc70\n[  128.486330]  dev_queue_xmit+0x1c/0x40\n[  128.490856]  ip_finish_output2+0x250/0x570\n[  128.495810]  __ip_finish_output+0x170/0x1e0\n[  128.500832]  ip_finish_output+0x3c/0xf0\n[  128.505504]  ip_output+0xbc/0x160\n[  128.509654]  ip_send_skb+0x58/0xd4\n[  128.513892]  udp_send_skb+0x12c/0x354\n[  128.518387]  udp_sendmsg+0x7a8/0x9c0\n[  128.522793]  inet_sendmsg+0x4c/0x8c\n[  128.527116]  __sock_sendmsg+0x48/0x80\n[  128.531609]  __sys_sendto+0x124/0x164\n[  128.536099]  __arm64_sys_sendto+0x30/0x5c\n[  128.540935]  invoke_syscall+0x50/0x130\n[  128.545508]  el0_svc_common.constprop.0+0x10c/0x124\n[  128.551205]  do_el0_svc+0x34/0xdc\n[  128.555347]  el0_svc+0x20/0x30\n[  128.559227]  el0_sync_handler+0xb8/0xc0\n[  128.563883]  el0_sync+0x160/0x180\n\ud83d\udccf Published: 2025-01-19T10:18:06.911Z\n\ud83d\udccf Modified: 2025-01-19T10:18:06.911Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/f19ab3ef96d9626e5f1bdc56d3574c355e83d623\n2. https://git.kernel.org/stable/c/9741e72b2286de8b38de9db685588ac421a95c87", "creation_timestamp": "2025-01-19T10:58:20.000000Z"}]}