7.8

CVE-2025-21687

vfio/platform: check the bounds of read/write syscalls

In the Linux kernel, the following vulnerability has been resolved:

vfio/platform: check the bounds of read/write syscalls

count and offset are passed from user space and not checked, only
offset is capped to 40 bits, which can be used to read/write out of
bounds of the device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.1 < 5.4.290
LinuxLinux Kernel Version >= 5.5 < 5.10.234
LinuxLinux Kernel Version >= 5.11 < 5.15.178
LinuxLinux Kernel Version >= 5.16 < 6.1.128
LinuxLinux Kernel Version >= 6.2 < 6.6.75
LinuxLinux Kernel Version >= 6.7 < 6.12.12
LinuxLinux Kernel Version6.13 Update-
LinuxLinux Kernel Version6.13 Updaterc1
LinuxLinux Kernel Version6.13 Updaterc2
LinuxLinux Kernel Version6.13 Updaterc3
LinuxLinux Kernel Version6.13 Updaterc4
LinuxLinux Kernel Version6.13 Updaterc5
LinuxLinux Kernel Version6.13 Updaterc6
LinuxLinux Kernel Version6.13 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.136
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/1485932496a1b025235af8aa1e21988d6b7ccd54
Patch
https://git.kernel.org/stable/c/665cfd1083866f87301bbd232cb8ba48dcf4acce
Patch
https://git.kernel.org/stable/c/6bcb8a5b70b80143db9bf12dfa7d53636f824d53
Patch
https://git.kernel.org/stable/c/92340e6c5122d823ad064984ef7513eba9204048
Patch
https://git.kernel.org/stable/c/a20fcaa230f7472456d12cf761ed13938e320ac3
Patch
https://git.kernel.org/stable/c/c981c32c38af80737a2fedc16e270546d139ccdd
Patch
https://git.kernel.org/stable/c/ce9ff21ea89d191e477a02ad7eabf4f996b80a69
Patch
https://git.kernel.org/stable/c/d19a8650fd3d7aed8d1af1d9a77f979a8430eba1
Patch
https://git.kernel.org/stable/c/f21636f24b6786c8b13f1af4319fa75ffcf17f38
Patch
https://git.kernel.org/stable/c/9377cdc118cf327248f1a9dde7b87de067681dc9
https://git.kernel.org/stable/c/ed81d82bb6e9df3a137f2c343ed689e6c68268ef
https://git.kernel.org/stable/c/f65ce06387f8c1fb54bd59e18a8428248ec68eaf
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html