Back to search
CVE-2025-21687
Published: Feb 10, 2025
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 6e3f264560099869f68830cb14b3b3e71e5ac76a - < f21636f24b6786c8b13f1af4319fa75ffcf17f38affected 6e3f264560099869f68830cb14b3b3e71e5ac76a - < 9377cdc118cf327248f1a9dde7b87de067681dc9affected 6e3f264560099869f68830cb14b3b3e71e5ac76a - < d19a8650fd3d7aed8d1af1d9a77f979a8430eba1affected 6e3f264560099869f68830cb14b3b3e71e5ac76a - < ed81d82bb6e9df3a137f2c343ed689e6c68268efaffected 6e3f264560099869f68830cb14b3b3e71e5ac76a - < 92340e6c5122d823ad064984ef7513eba9204048+7 more versions |
Linux | Linux | affected 4.1unaffected 0 - < 4.1unaffected 5.4.290 - <= 5.4.*unaffected 5.4.291 - <= 5.4.*unaffected 5.10.234 - <= 5.10.*+9 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now