CVE-2025-2073

Name of the Vulnerable Software and Affected Versions Google ChromeOS Kernel versions 4.19, 5.4, 5.10, 5.15, 6.1

Description The issue is an Out-of-Bounds Read in the ip set bitmap ip.c file. It affects devices where Termina is used, allowing an attacker with CAP NET ADMIN privileges to cause memory corruption and potentially escalate privileges via crafted ipset commands.

Recommendations For Google ChromeOS Kernel version 4.19, update to a version that fixes the Out-of-Bounds Read issue. For Google ChromeOS Kernel version 5.4, update to a version that fixes the Out-of-Bounds Read issue. For Google ChromeOS Kernel version 5.10, update to a version that fixes the Out-of-Bounds Read issue. For Google ChromeOS Kernel version 5.15, update to a version that fixes the Out-of-Bounds Read issue. For Google ChromeOS Kernel version 6.1, update to a version that fixes the Out-of-Bounds Read issue. As a temporary workaround, consider restricting the use of the ipset command to minimize the risk of exploitation.