Linux Kernel Vulnerability in Partition Table Handling
CVE-2025-21772

Currently unrated

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 27 February 2025

Summary

A vulnerability has been identified in the Linux kernel's handling of partition tables. It is triggered when a defective partition table is processed, where improper handling can lead to access violations. Specifically, sector sizes given as absurd values are not correctly validated, which could allow out-of-bounds memory access. In addition, the code assumes that partition table entries are null-terminated, which may lead to incorrect memory operations. Safeguards have been implemented to mitigate these risks and make partition probing robust.
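The two checks the summary describes, shown as an added example. This is not the kernel's code or the upstream fix. The on-disk layout, `NAME_LEN`, `read_first_entry_name` and `demo` are hypothetical, and the sample table is constructed.

```c
#include <stddef.h>
#include <string.h>

#define NAME_LEN 32u /* hypothetical fixed-width name field */

/* Hypothetical layout, constructed for this example:
 *   offset 0:      16-bit big-endian sector size claimed by the table
 *   offset secsz:  first entry, char name[NAME_LEN], possibly with no NUL */

/* Copies the first entry's name into out (NAME_LEN + 1 bytes).
 * Returns 0 on success, -1 if the table must be rejected. */
int read_first_entry_name(const unsigned char *buf, size_t buf_len, char *out)
{
    if (buf_len < 2)
        return -1;
    size_t secsz = ((size_t)buf[0] << 8) | buf[1];

    /* Reject absurd sector sizes: zero, too small, or not a power of two. */
    if (secsz < 512 || (secsz & (secsz - 1)) != 0)
        return -1;
    /* The whole entry must lie inside the data that was actually read. */
    if (secsz > buf_len || buf_len - secsz < NAME_LEN)
        return -1;

    const char *name = (const char *)buf + secsz;
    /* Bounded search: never assume the on-disk field is NUL-terminated. */
    const char *nul = memchr(name, '\0', NAME_LEN);
    size_t n = nul ? (size_t)(nul - name) : NAME_LEN;
    memcpy(out, name, n);
    out[n] = '\0';
    return 0;
}

/* Builds a constructed 1024-byte table; returns the name length or -1. */
int demo(unsigned secsz_field, int terminated)
{
    unsigned char buf[1024];
    char name[NAME_LEN + 1];
    memset(buf, 'A', sizeof(buf)); /* no NUL byte anywhere by default */
    buf[0] = (unsigned char)(secsz_field >> 8);
    buf[1] = (unsigned char)secsz_field;
    if (terminated && secsz_field + 4u < sizeof(buf))
        buf[secsz_field + 4u] = '\0'; /* name becomes "AAAA" */
    if (read_first_entry_name(buf, sizeof(buf), name) != 0)
        return -1;
    return (int)strlen(name);
}

int main(void) { return (demo(512, 0) == 32 && demo(4096, 1) == -1) ? 0 : 1; }
```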

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 27a39d006f85e869be68c1d5d2ce05e5d6445bf5

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 92527100be38ede924768f4277450dfe8a40e16b

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6578717ebca91678131d2b1f4ba4258e60536e9f

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved
