CVE-2025-21711
Published: Feb 27, 2025
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in rose_setsockopt() In case of possible unpredictably large arguments passed to rose_setsockopt() and multiplied by extra values on top of that, integer overflows may occur. Do the safest minimum and fix these issues by checking the contents of 'opt' and returning -EINVAL if they are too large. Also, switch to unsigned int and remove useless check for negative 'opt' in ROSE_IDLE case.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 4bdd449977e2364a53d0b2a5427e71beb1cd702daffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < b8583b54455cbec2fc038fa32b6700890b369815affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 9bdee49ad6bbd26ab5e13cc6731e54fb1b6c1dcaaffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 352daa50946c3bbb662432e8daf54d6760796589affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < d08f4074f9c69f7e95502587eb1b258a965ba7f0+2 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.10.235 - <= 5.10.*unaffected 5.15.179 - <= 5.15.*unaffected 6.1.129 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now