QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-21826

Back to search

CVE-2025-21826

Published: Mar 6, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits. Register-based arithmetics still allows for combining mismatching set key length and field length description, eg. set key length 10 and field description [ 5, 4 ] leading to pipapo width of 12.

VendorProductVersions

Linux

Linux

affected
2d4c0798a1ef8db15b3277697ac2def4eda42312 - < 6b467c8feac759f4c5c86d708beca2aa2b29584f
affected
77be8c495a3f841e88b46508cc20d3d7d3289da3 - < 5083a7ae45003456c253e981b30a43f71230b4a3
affected
9cb084df01e198119de477ac691d682fb01e80f3 - < 2ac254343d3cf228ae0738b2615fedf85d000752
affected
dc45bb00e66a33de1abb29e3d587880e1d4d9a7e - < 82e491e085719068179ff6a5466b7387cc4bbf32
affected
3ce67e3793f48c1b9635beb9bb71116ca1e51b58 - < 49b7182b97bafbd5645414aff054b4a65d05823d

+8 more versions

Linux

Linux

affected
6.8
unaffected
0 - < 6.8
unaffected
5.10.235 - <= 5.10.*
unaffected
5.15.179 - <= 5.15.*
unaffected
6.1.129 - <= 6.1.*

+4 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now