CVE-2025-21789

EUVD-2025-5144
In the Linux kernel, the following vulnerability has been resolved:

LoongArch: csum: Fix OoB access in IP checksum code for negative lengths

Commit 69e3a6aa6be2 ("LoongArch: Add checksum optimization for 64-bit
system") would cause an undefined shift and an out-of-bounds read.

Commit 8bd795fedb84 ("arm64: csum: Fix OoB access in IP checksum code
for negative lengths") fixes the same issue on ARM64.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CISA-ADPADP
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.4 ≤
𝑥
< 6.6.79
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.16
linuxlinux_kernel
6.13 ≤
𝑥
< 6.13.4
linuxlinux_kernel
6.14:rc1
linuxlinux_kernel
6.14:rc2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.159-1
not-affected
bookworm (security)
6.1.162-1
fixed
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.249-1
fixed
forky
6.18.15-1
fixed
sid
6.18.15-1
fixed
trixie
6.12.63-1
fixed
trixie (security)
6.12.73-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/6287f1a8c16138c2ec750953e35039634018c84a
https://git.kernel.org/stable/c/964a8895704a22efc06a2a3276b624a5ae985a06
https://git.kernel.org/stable/c/9f15a8df542c0f08732a67d1a14ee7c22948fb97
https://git.kernel.org/stable/c/d6508ffff32b44b6d0de06704034e4eef1c307a7