Out-of-Bounds Access in Linux Kernel Affecting LoongArch and ARM64 Architectures
CVE-2025-21789

7.1 HIGH

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 27 February 2025

What is CVE-2025-21789?

An out-of-bounds (OoB) access vulnerability has been identified in the Linux kernel's IP checksum code. The root cause is a change made in commit 69e3a6aa6be2 that makes an undefined shift possible, which leads to abnormal access patterns. The issue is relevant to both the LoongArch and ARM64 architectures, and subsequent commits provide a fix that restores security and stability in TCP/IP checksum operations.

Affected Version(s)

Linux 69e3a6aa6be21de6aaf38130fad97ecde34a193c < 964a8895704a22efc06a2a3276b624a5ae985a06

Linux 69e3a6aa6be21de6aaf38130fad97ecde34a193c < 9f15a8df542c0f08732a67d1a14ee7c22948fb97

Linux 69e3a6aa6be21de6aaf38130fad97ecde34a193c

CVSS V3.1

Score: 7.1
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
