CVE-2025-21789 — Out-of-bounds Read in Linux

CWE-125 — Out-of-bounds Read6 documents6 sources

Severity

7.1HIGHNVD

EPSS

0.0%

top 89.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +2 more

Timeline

PublishedFeb 27

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 ("LoongArch: Add checksum optimization for 64-bit system") would cause an undefined shift and an out-of-bounds read. Commit 8bd795fedb84 ("arm64: csum: Fix OoB access in IP checksum code for negative lengths") fixes the same issue on ARM64.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages6 packages

▶NVDlinux/linux_kernel6.4 — 6.6.79+3

▶Debianlinux/linux_kernel< 6.12.16-1+1

▶msrcmsrc/azl3_kernel_6.6.78.1-3_on_azure_linux_3.0

▶msrcmsrc/azl3_kernel_6.6.79.1-1_on_azure_linux_3.0

▶CVEListV5linux/linux69e3a6aa6be21de6aaf38130fad97ecde34a193c — 964a8895704a22efc06a2a3276b624a5ae985a06+4

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-fm6p-4m7g-f8f3: In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit↗2025-02-27

▶

OSV

CVE-2025-21789: In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69↗2025-02-27

▶

📋Vendor Advisories

Red Hat

kernel: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths↗2025-02-27

▶

Microsoft

LoongArch: csum: Fix OoB access in IP checksum code for negative lengths↗2025-02-11

▶

Debian

CVE-2025-21789: linux - In the Linux kernel, the following vulnerability has been resolved: LoongArch: ...↗2025

▶