PT-2025-4334 · Linux+6 · Linux Kernel+6
Syzbot
·
Published
2025-01-03
·
Updated
2025-05-29
·
CVE-2025-21653
CVSS v2.0
6.8
Medium
| Vector | AV:L/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A vulnerability in the Linux kernel has been resolved, specifically in the net sched: cls flow component, where the TCA FLOW RSHIFT attribute was not validated. This could lead to undefined behavior when right-shifting a 32-bit integer with large shift values. The issue was discovered by syzbot and is related to a shift-out-of-bounds error in the net/sched/cls flow.c file. The vulnerability affects the flow classify function and can be triggered through the tc classify function.
Recommendations
To resolve the issue, update the Linux kernel to version 6.6.74 or later.
As a temporary workaround, consider restricting access to the vulnerable
flow classify() function until a patch is available.
Avoid using the TCA FLOW RSHIFT attribute in the affected API endpoint until the issue is resolved.Exploit
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu