Back to search
CVE-2025-21905
Published: Apr 1, 2025
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perhaps even read beyond the end of the file buffer. Fix that by limiting the print format to the size of the buffer we have.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected aee1b6385e29e472ae5592b9652b750a29bf702e - < 38f0d398b6d7640d223db69df022c4a232f24774affected aee1b6385e29e472ae5592b9652b750a29bf702e - < c0e626f2b2390472afac52dfe72b29daf9ed8e1daffected aee1b6385e29e472ae5592b9652b750a29bf702e - < 47616b82f2d42ea2060334746fed9a2988d845c9affected aee1b6385e29e472ae5592b9652b750a29bf702e - < 88ed69f924638c7503644e1f8eed1e976f3ffa7aaffected aee1b6385e29e472ae5592b9652b750a29bf702e - < b02f8d5a71c8571ccf77f285737c566db73ef5e5+3 more versions |
Linux | Linux | affected 5.2unaffected 0 - < 5.2unaffected 5.4.291 - <= 5.4.*unaffected 5.10.235 - <= 5.10.*unaffected 5.15.179 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now