PT-2025-14590 · Linux+10 · Linux Kernel+10

Published

2025-03-13

·

Updated

2026-04-20

·

CVE-2025-21997

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to an integer overflow in the xp create and assign umem() function. This occurs because the product of the i and pool->chunk size variables, both of type u32, can wrap around and then be cast to u64. As a result, two different XDP buffers can point to the same memory area.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2025:8643
ALT-PU-2025-12647
ALT-PU-2025-5786
AZL-59904
BDU:2025-11625
CVE-2025-21997
DLA-4193-1
DSA-5900-1
ECHO-B414-336E-CAE9
INFSA-2025_8643
MGASA-2025-0142
MGASA-2025-0146
OESA-2025-1878
OESA-2025-1879
OESA-2025-1880
RHSA-2025:8643
RHSA-2025:8669
RHSA-2025_8643
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-7605-1
USN-7605-2
USN-7606-1
USN-7628-1
USN-7764-1
USN-7764-2
USN-7765-1
USN-7766-1
USN-7767-1
USN-7767-2
USN-7779-1
USN-7790-1
USN-7800-1
USN-7801-1
USN-7801-2
USN-7801-3
USN-7802-1
USN-7809-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu