CVE-2025-21800

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset

When bit offset for HWS_SET32 macro is negative, UBSAN complains about the shift-out-of-bounds:

UBSAN: shift-out-of-bounds in drivers/net/ethernet/mellanox/mlx5/core/steering/hws/definer.c:177:2 shift exponent -8 is negative

Affected Software

VendorProductVersion RangeStatus
LinuxLinux74a778b4a63faef9ff02aad0d332b209835f93e1 < 92cff996624c4757d5bbace3dfa3f1567ba94143affected
LinuxLinux74a778b4a63faef9ff02aad0d332b209835f93e1 < 69c676c0ded472713e6d1b3a456b3c4f52f66f0eaffected
LinuxLinux74a778b4a63faef9ff02aad0d332b209835f93e1 < be482f1d10da781db9445d2753c1e3f1fd82babfaffected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.13 <= 6.12.*unaffected
LinuxLinux6.13.2 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

References