Validation Issue in Linux Kernel's Team Network Driver
CVE-2025-21787

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A validation vulnerability exists in the Linux kernel that affects the team network driver, specifically in how it validates user-provided data. When user input does not adequately include a null byte, it may lead to potential undefined behavior, as indicated by reported KMSAN (Kernel Memory Sanitizer) errors. This flaw highlights the importance of strict validation checks in network drivers to ensure robust security and stability.

Affected Version(s)

Linux 3d249d4ca7d0ed6629a135ea1ea21c72286c0d80 < 4512482e4805dd30bc77dec511f2a2edba5cb868

Linux 3d249d4ca7d0ed6629a135ea1ea21c72286c0d80

Linux 3d249d4ca7d0ed6629a135ea1ea21c72286c0d80 < 4236bf4716589558cc0f3c3612642b2c2141b04e

References

https://git.kernel.org/stable/c/4512482e4805dd30bc77dec51...

https://git.kernel.org/stable/c/d071a91fa614ecdf760c29f61...

https://git.kernel.org/stable/c/4236bf4716589558cc0f3c361...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024