CVE-2025-21782

Summary

In the Linux kernel, the following vulnerability has been resolved:

orangefs: fix a oob in orangefs_debug_write

I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write… several people suggested fixes, I tested Al Viro's suggestion and made this patch.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < 18b7f841109f697840fe8633cf7ed7d32bd3f91baffected
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < 09d472a18c0ee1d5b83612cb919e33a1610fea16affected
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < 8725882b0f691f8113b230aea9df0256030a63a6affected
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < 1da2697307dad281dd690a19441b5ca4af92d786affected
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < 2b84a231910cef2e0a16d29294afabfb69112087affected
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < 897f496b946fdcfab5983c983e4b513ab6682364affected
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < 1c5244299241cf49d8ae7b5054e299cc8faa4e09affected
LinuxLinuxf7ab093f74bf638ed98fd1115f3efa17e308bb7f < f7c848431632598ff9bce57a659db6af60d75b39affected
LinuxLinux4.6affected
LinuxLinux0 < 4.6unaffected
LinuxLinux5.4.291 <= 5.4.*unaffected
LinuxLinux5.10.235 <= 5.10.*unaffected
LinuxLinux5.15.179 <= 5.15.*unaffected
LinuxLinux6.1.129 <= 6.1.*unaffected
LinuxLinux6.6.79 <= 6.6.*unaffected
LinuxLinux6.12.16 <= 6.12.*unaffected
LinuxLinux6.13.4 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References