CVE-2025-21993

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the iscsi ibft module. When performing an iSCSI boot using IPv6, the iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry, causing a UBSAN shift-out-of-bounds warning due to the IPv6 prefix length being 64. The concept of a subnet mask does not apply to IPv6, and the value is set to ~0 to suppress the warning message.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.