CVE-2025-21711

EUVD-2025-5242

27.02.2025, 02:15

In the Linux kernel, the following vulnerability has been resolved:

net/rose: prevent integer overflows in rose_setsockopt()

In case of possible unpredictably large arguments passed to
rose_setsockopt() and multiplied by extra values on top of that,
integer overflows may occur.

Do the safest minimum and fix these issues by checking the
contents of 'opt' and returning -EINVAL if they are too large. Also,
switch to unsigned int and remove useless check for negative 'opt'
in ROSE_IDLE case.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 8%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	2.6.12 ≤ 𝑥 < 6.1.129
linux	linux_kernel	6.2 ≤ 𝑥 < 6.6.76
linux	linux_kernel	6.7 ≤ 𝑥 < 6.12.13
linux	linux_kernel	6.13 ≤ 𝑥 < 6.13.2

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
Siemens	SIMATIC S7-1500 TM MFP - GNU\/Linux subsystem	𝑥 < *	ADP

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.170-3 fixed
bookworm (security)	6.1.174-1 fixed
bullseye	vulnerable
bullseye (security)	5.10.257-1 fixed
forky	7.0.9-1 fixed
sid	7.0.10-1 fixed
trixie	6.12.86-1 fixed
trixie (security)	6.12.90-2 fixed

linux-6.1

bullseye (security)

6.1.174-1~deb11u1

fixed

openSUSE / SLES Releases

openSUSE Product

Release

kernel-64kb

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.1 fixed

kernel-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.34.2 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.34.2 fixed

kernel-default

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.1 fixed

kernel-default-base

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.2.150600.12.20.2 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.2.150600.12.20.2 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.2.150600.12.20.2 fixed

kernel-docs

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.2 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.2 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.2 fixed

kernel-macros

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.1 fixed

kernel-obs-build

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.2 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.2 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.2 fixed

kernel-source

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.1 fixed

kernel-source-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.34.2 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.34.2 fixed

kernel-syms

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.1 fixed

kernel-syms-azure

suse enterprise sap 15 SP6	6.4.0-150600.8.34.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.8.34.1 fixed

kernel-zfcpdump

suse enterprise desktop 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise desktop 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise sap 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise sap 15 SP7	6.4.0-150700.51.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.47.2 fixed
suse enterprise server 15 SP7	6.4.0-150700.51.1 fixed

Common Weakness Enumeration

CWE-190 - Integer Overflow or Wraparound
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

References

https://git.kernel.org/stable/c/352daa50946c3bbb662432e8daf54d6760796589

https://git.kernel.org/stable/c/4bdd449977e2364a53d0b2a5427e71beb1cd702d

https://git.kernel.org/stable/c/9bdee49ad6bbd26ab5e13cc6731e54fb1b6c1dca

https://git.kernel.org/stable/c/b8583b54455cbec2fc038fa32b6700890b369815

https://git.kernel.org/stable/c/d08f4074f9c69f7e95502587eb1b258a965ba7f0

https://git.kernel.org/stable/c/d640627663bfe7d8963c7615316d7d4ef60f3b0b

https://git.kernel.org/stable/c/e5338930a29d0ab2a5af402f5f664aeba0d1a676

https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

https://cert-portal.siemens.com/productcert/html/ssa-265688.html