PT-2025-8854 · Linux+5 · Linux Kernel+5

Foster Snowhill

·

Published

2025-01-26

·

Updated

2026-04-20

·

CVE-2025-21742

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been identified, specifically in the usbnet: ipheth component. The issue arises from the original code allowing the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. This led to a potential out-of-bounds read, as only the start position of NDP16 was checked, allowing the fixed-length part of NDP16 to extend past the end of URB. To address this, the code now relies on and checks for the specific format where the NDP16 header directly follows NTH16, as seen on iOS devices. Additionally, an existing NCM-specific minimal URB length check ensures that the fixed-length part of NDP16 plus a set amount of DPEs fit within the URB.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025:20095
ALT-PU-2025-12647
BDU:2025-11891
CVE-2025-21742
OESA-2025-1446
OESA-2025-1450
OPENSUSE-SU-2025_1177-1
OPENSUSE-SU-2025_1178-1
OPENSUSE-SU-2025_1180-1
RHSA-2025:20095
SUSE-SU-2025:01919-1
SUSE-SU-2025:1177-1
SUSE-SU-2025:1178-1
SUSE-SU-2025:1180-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_1177-1
SUSE-SU-2025_1178-1
SUSE-SU-2025_1180-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7651-1
USN-7651-2
USN-7651-3
USN-7651-4
USN-7651-5
USN-7651-6
USN-7652-1
USN-7653-1
USN-7737-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu