CVE-2025-21743

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-21743
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21743.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-21743
Downstream
Related
Published
2025-02-27T02:12:16.696Z
Modified
2025-11-20T08:23:07.714493Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
usbnet: ipheth: fix possible overflow in DPE length check
Details

In the Linux kernel, the following vulnerability has been resolved:

usbnet: ipheth: fix possible overflow in DPE length check

Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength > U16_MAX. This could lead to an OoB read.

Move the wDatagramIndex term to the other side of the inequality.

An existing condition ensures that wDatagramIndex < urb->actual_length.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a2d274c62e44b1995c170595db3865c6fe701226
Fixed
18bf6f5cce3172cb303c3f0551aa9443d5ed74f8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a2d274c62e44b1995c170595db3865c6fe701226
Fixed
d677e7dd59ad6837496f5a02d8e5d39824278dfd
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a2d274c62e44b1995c170595db3865c6fe701226
Fixed
d824a964185910e317287f034c0a439c08b4fe49
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a2d274c62e44b1995c170595db3865c6fe701226
Fixed
c219427ed296f94bb4b91d08626776dc7719ee27

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.4
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "id": "CVE-2025-21743-10bd0a4c",
        "target": {
            "file": "drivers/net/usb/ipheth.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "301389355470214459195284982672297822197",
                "298133520944151931187362571388482250461",
                "76572484340202498387509851637566467690",
                "200068095066672702538505363669776667897",
                "68481034466493860657717357708890409776"
            ]
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18bf6f5cce3172cb303c3f0551aa9443d5ed74f8",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2025-21743-130a4825",
        "target": {
            "file": "drivers/net/usb/ipheth.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "301389355470214459195284982672297822197",
                "298133520944151931187362571388482250461",
                "76572484340202498387509851637566467690",
                "200068095066672702538505363669776667897",
                "68481034466493860657717357708890409776"
            ]
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d824a964185910e317287f034c0a439c08b4fe49",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2025-21743-23cdc320",
        "target": {
            "file": "drivers/net/usb/ipheth.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "301389355470214459195284982672297822197",
                "298133520944151931187362571388482250461",
                "76572484340202498387509851637566467690",
                "200068095066672702538505363669776667897",
                "68481034466493860657717357708890409776"
            ]
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d677e7dd59ad6837496f5a02d8e5d39824278dfd",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2025-21743-2cad0d18",
        "target": {
            "file": "drivers/net/usb/ipheth.c",
            "function": "ipheth_rcvbulk_callback_ncm"
        },
        "digest": {
            "length": 1332.0,
            "function_hash": "148062528337805178021070550724045519131"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18bf6f5cce3172cb303c3f0551aa9443d5ed74f8",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2025-21743-e363f585",
        "target": {
            "file": "drivers/net/usb/ipheth.c",
            "function": "ipheth_rcvbulk_callback_ncm"
        },
        "digest": {
            "length": 1332.0,
            "function_hash": "148062528337805178021070550724045519131"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d677e7dd59ad6837496f5a02d8e5d39824278dfd",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2025-21743-e690c86b",
        "target": {
            "file": "drivers/net/usb/ipheth.c",
            "function": "ipheth_rcvbulk_callback_ncm"
        },
        "digest": {
            "length": 1332.0,
            "function_hash": "148062528337805178021070550724045519131"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d824a964185910e317287f034c0a439c08b4fe49",
        "signature_version": "v1"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.5.0
Fixed
6.6.78
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.14
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.3