CVE-2025-21997
xsk: fix an integer overflow in xp_create_and_assign_umem()
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
03 Apr 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
xsk: fix an integer overflow in xp_create_and_assign_umem()
Since the i and pool->chunk_size variables are of type 'u32',
their product can wrap around and then be cast to 'u64'.
This can lead to two different XDP buffers pointing to the same
memory area.
Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
Linux · LinuxReferences
https://git.kernel.org/stable/c/130290f44bce0eead2b827302109afc3fe189dddhttps://git.kernel.org/stable/c/205649d642a5b376724f04f3a5b3586815e43d3bhttps://git.kernel.org/stable/c/559847f56769037e5b2e0474d3dbff985b98083dhttps://git.kernel.org/stable/c/b7b4be1fa43294b50b22e812715198629806678ahttps://git.kernel.org/stable/c/c7670c197b0f1a8726ad5c87bc2bf001a1fc1bbdhttps://lists.debian.org/debian-lts-announce/2025/05/msg00045.html