PT-2025-8807 · Linux+6 · Linux Kernel+6

Syzbot

Published

2025-01-14

Updated

2026-04-20

CVE-2025-21724

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A shift-out-of-bounds issue was found in the iova bitmap offset to index() function, where shifting the constant 1 by bitmap->mapped.pgshift could result in undefined behavior due to overflow when pgshift exceeds 31. This issue was resolved by updating the constant to 1UL, promoting it to an unsigned long type to match the operand's type.

Recommendations To resolve this issue, update the constant in the iova bitmap offset to index() function to 1UL to prevent shift-out-of-bounds and potential undefined behavior.

Exploit

Fix

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-125

Related Identifiers

BDU:2025-11881

CVE-2025-21724

DLA-4102-1

OESA-2025-1339

OESA-2025-1340

OPENSUSE-SU-2025_0847-1

OPENSUSE-SU-2025_0856-1

OPENSUSE-SU-2025_0955-1

RHSA-2026:0917

RHSA-2026:1441

RHSA-2026:1443

SUSE-SU-2025:01919-1

SUSE-SU-2025:0847-1

SUSE-SU-2025:0856-1

SUSE-SU-2025:0955-1

SUSE-SU-2025:20190-1

SUSE-SU-2025:20192-1

SUSE-SU-2025:20260-1

SUSE-SU-2025:20270-1

SUSE-SU-2025_0847-1

SUSE-SU-2025_0856-1

SUSE-SU-2025_0955-1

USN-7521-1

USN-7521-2

USN-7521-3

USN-7651-1

USN-7651-2

USN-7651-3

USN-7651-4

USN-7651-5

USN-7651-6

USN-7652-1

USN-7653-1

USN-7737-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2025-8807 · Linux+6 · Linux Kernel+6

CVE-2025-21724

Weakness Enumeration

Related Identifiers

Affected Products

References · 1580