CVE-2025-21743
EUVD-2025-518627.02.2025, 03:15
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength > U16_MAX. This could lead to an OoB read. Move the wDatagramIndex term to the other side of the inequality. An existing condition ensures that wDatagramIndex < urb->actual_length.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.5 ≤ 𝑥 < 6.6.78 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.14 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.13.3 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| kernel-64kb |
| ||||||||||||
| kernel-azure |
| ||||||||||||
| kernel-default |
| ||||||||||||
| kernel-default-base |
| ||||||||||||
| kernel-default-extra |
| ||||||||||||
| kernel-docs |
| ||||||||||||
| kernel-macros |
| ||||||||||||
| kernel-obs-build |
| ||||||||||||
| kernel-source |
| ||||||||||||
| kernel-source-azure |
| ||||||||||||
| kernel-syms |
| ||||||||||||
| kernel-syms-azure |
| ||||||||||||
| kernel-zfcpdump |
|
Common Weakness Enumeration