CVE-2025-21789
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21789
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21789.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-21789
- Downstream
- Published
- 2025-02-27T02:18:27.817Z
- Modified
- 2025-11-20T08:22:58.503626Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- LoongArch: csum: Fix OoB access in IP checksum code for negative lengths
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: csum: Fix OoB access in IP checksum code for negative lengths
Commit 69e3a6aa6be2 ("LoongArch: Add checksum optimization for 64-bit system") would cause an undefined shift and an out-of-bounds read.
Commit 8bd795fedb84 ("arm64: csum: Fix OoB access in IP checksum code for negative lengths") fixes the same issue on ARM64.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/6287f1a8c16138c2ec750953e35039634018c84a
- https://git.kernel.org/stable/c/964a8895704a22efc06a2a3276b624a5ae985a06
- https://git.kernel.org/stable/c/9f15a8df542c0f08732a67d1a14ee7c22948fb97
- https://git.kernel.org/stable/c/d6508ffff32b44b6d0de06704034e4eef1c307a7
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced69e3a6aa6be21de6aaf38130fad97ecde34a193cFixed964a8895704a22efc06a2a3276b624a5ae985a06
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced69e3a6aa6be21de6aaf38130fad97ecde34a193cFixed9f15a8df542c0f08732a67d1a14ee7c22948fb97
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced69e3a6aa6be21de6aaf38130fad97ecde34a193cFixedd6508ffff32b44b6d0de06704034e4eef1c307a7
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced69e3a6aa6be21de6aaf38130fad97ecde34a193cFixed6287f1a8c16138c2ec750953e35039634018c84a
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.13.3
v6.14-rc1
v6.14-rc2
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"id": "CVE-2025-21789-2de2690c",
"target": {
"file": "arch/loongarch/lib/csum.c",
"function": "do_csum"
},
"digest": {
"function_hash": "222436874193840382518111000216637120491",
"length": 1608.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d6508ffff32b44b6d0de06704034e4eef1c307a7",
"signature_version": "v1"
},
{
"id": "CVE-2025-21789-50f11782",
"target": {
"file": "arch/loongarch/lib/csum.c",
"function": "do_csum"
},
"digest": {
"function_hash": "222436874193840382518111000216637120491",
"length": 1608.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@964a8895704a22efc06a2a3276b624a5ae985a06",
"signature_version": "v1"
},
{
"id": "CVE-2025-21789-66317f94",
"target": {
"file": "arch/loongarch/lib/csum.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"168801761423302401414781724144768696428",
"26431366409378982054544629077921727275",
"56239455552662445133945038869658267001",
"146911823448482953175467364629711565203"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@964a8895704a22efc06a2a3276b624a5ae985a06",
"signature_version": "v1"
},
{
"id": "CVE-2025-21789-67fb54b4",
"target": {
"file": "arch/loongarch/lib/csum.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"168801761423302401414781724144768696428",
"26431366409378982054544629077921727275",
"56239455552662445133945038869658267001",
"146911823448482953175467364629711565203"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9f15a8df542c0f08732a67d1a14ee7c22948fb97",
"signature_version": "v1"
},
{
"id": "CVE-2025-21789-867573bf",
"target": {
"file": "arch/loongarch/lib/csum.c",
"function": "do_csum"
},
"digest": {
"function_hash": "222436874193840382518111000216637120491",
"length": 1608.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9f15a8df542c0f08732a67d1a14ee7c22948fb97",
"signature_version": "v1"
},
{
"id": "CVE-2025-21789-a49d6927",
"target": {
"file": "arch/loongarch/lib/csum.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"168801761423302401414781724144768696428",
"26431366409378982054544629077921727275",
"56239455552662445133945038869658267001",
"146911823448482953175467364629711565203"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d6508ffff32b44b6d0de06704034e4eef1c307a7",
"signature_version": "v1"
}
]