CVE-2025-21997
xsk: fix an integer overflow in xp_create_and_assign_umem()
| CVSS Score | 5.5 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
In the Linux kernel, the following vulnerability has been resolved:

xsk: fix an integer overflow in xp_create_and_assign_umem()

Since the i and pool->chunk_size variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the same memory area.

Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE.
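The wrap described above, shown in user-space C as an added example (not the kernel's code or the upstream patch): the function names and the sample chunk size and entry count are constructed, and `uint32_t`/`uint64_t` stand in for the kernel's `u32`/`u64`. It assumes a platform where `int` is 32 bits, so the `uint32_t` multiply is performed in 32 bits.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Arithmetic as the description states it: both operands are 32-bit, so the
 * multiply wraps modulo 2^32 and only the wrapped result is widened. */
static uint64_t offset_wrapping(uint32_t i, uint32_t chunk_size)
{
    return i * chunk_size;
}

/* Widening one operand first makes the multiply itself 64-bit. */
static uint64_t offset_widened(uint32_t i, uint32_t chunk_size)
{
    return (uint64_t)i * chunk_size;
}

/* Smallest buffer index below `entries` whose 32-bit product wraps,
 * or 0 when no index wraps (index 0 itself can never wrap). */
static uint32_t first_wrapping_index(uint32_t entries, uint32_t chunk_size)
{
    if (chunk_size == 0)
        return 0;
    uint64_t first = (((uint64_t)1 << 32) + chunk_size - 1) / chunk_size;
    return first < entries ? (uint32_t)first : 0;
}

int main(void)
{
    /* Constructed sample values, not taken from the advisory. */
    uint32_t chunk_size = 4096, entries = 2097152;
    uint32_t i = first_wrapping_index(entries, chunk_size);

    printf("first wrapping index: %" PRIu32 "\n", i);
    printf("wrapping: %" PRIu64 " (same offset as index 0)\n",
           offset_wrapping(i, chunk_size));
    printf("widened:  %" PRIu64 "\n", offset_widened(i, chunk_size));
    return 0;
}
```

With these sample values the wrapped offset for index 1048576 equals the offset for index 0, which is the "two different XDP buffers pointing to the same memory area" condition; the widened form keeps the two offsets distinct.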
| Vendor | linux |
| Product | linux |
| Ecosystems | |
| Industries | Technology |
| Published | Apr 3, 2025 |
| Last Updated | May 11, 2026 |
Affected Versions
Linux / Linux
94033cd8e73b8632bab7c8b7bb54caa4f5616db7 < 205649d642a5b376724f04f3a5b3586815e43d3b
94033cd8e73b8632bab7c8b7bb54caa4f5616db7 < b7b4be1fa43294b50b22e812715198629806678a
94033cd8e73b8632bab7c8b7bb54caa4f5616db7 < 130290f44bce0eead2b827302109afc3fe189ddd
94033cd8e73b8632bab7c8b7bb54caa4f5616db7 < c7670c197b0f1a8726ad5c87bc2bf001a1fc1bbd
94033cd8e73b8632bab7c8b7bb54caa4f5616db7 < 559847f56769037e5b2e0474d3dbff985b98083d
Linux / Linux
5.16
References
git.kernel.org: https://git.kernel.org/stable/c/205649d642a5b376724f04f3a5b3586815e43d3b
git.kernel.org: https://git.kernel.org/stable/c/b7b4be1fa43294b50b22e812715198629806678a
git.kernel.org: https://git.kernel.org/stable/c/130290f44bce0eead2b827302109afc3fe189ddd
git.kernel.org: https://git.kernel.org/stable/c/c7670c197b0f1a8726ad5c87bc2bf001a1fc1bbd
git.kernel.org: https://git.kernel.org/stable/c/559847f56769037e5b2e0474d3dbff985b98083d
lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html