UBSAN Shift-Out-of-Bounds Vulnerability in Linux Kernel
CVE-2025-21815

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability in the Linux kernel's memory management subsystem was identified, causing a UBSAN shift-out-of-bounds warning triggered in the isolate_freepages_block function. The issue arose from improper handling of the compound_order variable which could take on unexpected values. A MAX_PAGE_ORDER check was added to mitigate this issue, ensuring proper functionality and reducing the risk of exploitable conditions in memory management.

Affected Version(s)

Linux 3da0272a4c7d0d37b47b28e87014f421296fc2be < 4491159774d973a9e2e998d25d8fbb20fada6dfa

Linux 3da0272a4c7d0d37b47b28e87014f421296fc2be < 10b7d3eb535098ccd4c82a182a33655d8a0e5c88

Linux 3da0272a4c7d0d37b47b28e87014f421296fc2be

References

https://git.kernel.org/stable/c/4491159774d973a9e2e998d25...

https://git.kernel.org/stable/c/10b7d3eb535098ccd4c82a182...

https://git.kernel.org/stable/c/d1366e74342e75555af2648a2...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024