CVE-2025-21680

HIGH EPSS 10.9%
Published Jan 31, 20251y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Jan 31, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in get_imix_entries Passing a sufficient amount of imix entries leads to invalid access to the pkt_dev->imix_entries array because of the incorrect boundary check. UBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24 index 20 is out of range for type 'imix_pkt [20]' CPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Call Trace: <TASK> dump_stack_lvl lib/dump_stack.c:117 __ubsan_handle_out_of_bounds lib/ubsan.c:429 get_imix_entries net/core/pktgen.c:874 pktgen_if_write net/core/pktgen.c:1063 pde_write fs/proc/inode.c:334 proc_reg_write fs/proc/inode.c:346 vfs_write fs/read_write.c:593 ksys_write fs/read_write.c:644 do_syscall_64 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130 Found by Linux Verification Center (linuxtesting.org) with SVACE. [ fp: allow to fill the array completely; minor changelog cleanup ]

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
10.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-129

Affected Products 11

VendorProductVersionRange
linuxlinux_kernel*≥5.15  –  <5.15.177
linuxlinux_kernel*≥5.16  –  <6.1.127
linuxlinux_kernel*≥6.2  –  <6.6.74
linuxlinux_kernel*≥6.7  –  <6.12.11
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any

References 6

  • git.kernel.org https://git.kernel.org/stable/c/1a9b65c672ca9dc4ba52ca2fd54329db9580ce29
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3450092cc2d1c311c5ea92a2486daa2a33520ea5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/76201b5979768500bca362871db66d77cb4c225e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7cde21f52042aa2e29a654458166b873d2ae66b3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e5d24a7074dcd0c7e76b7e7e4efbbe7418d62486
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1a9b65c672ca9dc4ba52ca2fd54329db9580ce29
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3450092cc2d1c311c5ea92a2486daa2a33520ea5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/76201b5979768500bca362871db66d77cb4c225e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7cde21f52042aa2e29a654458166b873d2ae66b3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e5d24a7074dcd0c7e76b7e7e4efbbe7418d62486
    Patch