CVE-2025-21826
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: reject mismatching sum of field_len with set key length
The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits.
Register-based arithmetics still allows for combining mismatching set key length and field length description, eg. set key length 10 and field description [ 5, 4 ] leading to pipapo width of 12.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 2d4c0798a1ef8db15b3277697ac2def4eda42312 < 6b467c8feac759f4c5c86d708beca2aa2b29584f | affected |
| Linux | Linux | 77be8c495a3f841e88b46508cc20d3d7d3289da3 < 5083a7ae45003456c253e981b30a43f71230b4a3 | affected |
| Linux | Linux | 9cb084df01e198119de477ac691d682fb01e80f3 < 2ac254343d3cf228ae0738b2615fedf85d000752 | affected |
| Linux | Linux | dc45bb00e66a33de1abb29e3d587880e1d4d9a7e < 82e491e085719068179ff6a5466b7387cc4bbf32 | affected |
| Linux | Linux | 3ce67e3793f48c1b9635beb9bb71116ca1e51b58 < 49b7182b97bafbd5645414aff054b4a65d05823d | affected |
| Linux | Linux | 3ce67e3793f48c1b9635beb9bb71116ca1e51b58 < ab50d0eff4a939d20c37721fd9766347efcdb6f6 | affected |
| Linux | Linux | 3ce67e3793f48c1b9635beb9bb71116ca1e51b58 < 1b9335a8000fb70742f7db10af314104b6ace220 | affected |
| Linux | Linux | ff67e3e488090908dc015ba04d7407d8bd467f7e | affected |
| Linux | Linux | 5.10.209 < 5.10.235 | affected |
| Linux | Linux | 5.15.148 < 5.15.179 | affected |
| Linux | Linux | 6.1.75 < 6.1.129 | affected |
| Linux | Linux | 6.6.14 < 6.6.76 | affected |
| Linux | Linux | 6.7.2 < 6.8 | affected |
| Linux | Linux | 6.8 | affected |
| Linux | Linux | 0 < 6.8 | unaffected |
| Linux | Linux | 5.10.235 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.179 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.129 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.76 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.13 <= 6.12.* | unaffected |
| Linux | Linux | 6.13.2 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-503939.html
References
- https://git.kernel.org/stable/c/6b467c8feac759f4c5c86d708beca2aa2b29584f
- https://git.kernel.org/stable/c/5083a7ae45003456c253e981b30a43f71230b4a3
- https://git.kernel.org/stable/c/2ac254343d3cf228ae0738b2615fedf85d000752
- https://git.kernel.org/stable/c/82e491e085719068179ff6a5466b7387cc4bbf32
- https://git.kernel.org/stable/c/49b7182b97bafbd5645414aff054b4a65d05823d
- https://git.kernel.org/stable/c/ab50d0eff4a939d20c37721fd9766347efcdb6f6
- https://git.kernel.org/stable/c/1b9335a8000fb70742f7db10af314104b6ace220
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.