CVE-2025-21890

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-21890
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21890.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-21890
Downstream
Related
Published
2025-03-27T14:57:16.525Z
Modified
2025-11-20T08:23:36.718300Z
Summary
idpf: fix checksums set in idpf_rx_rsc()
Details

In the Linux kernel, the following vulnerability has been resolved:

idpf: fix checksums set in idpfrxrsc()

idpfrxrsc() uses skbtransportoffset(skb) while the transport header is not set yet.

This triggers the following warning for CONFIGDEBUGNET=y builds.

DEBUGNETWARNONONCE(!skbtransportheaderwasset(skb))

[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpfvportsplitqnapipoll (include/linux/skbuff.h:3020) idpf [ 69.261629] Modules linked in: vfat fat dummy bridge inteluncorefrequencytpmi inteluncorefrequencycommon intelvsectpmi idpf intelvsec cdcncm cdceem cdcether usbnet mii xhcipci xhcihcd ehcipci ehcihcd libeth [ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697 [ 69.261648] Tainted: [S]=CPUOUTOFSPEC, [W]=WARN [ 69.261650] RIP: 0010:idpfvportsplitqnapipoll (include/linux/skbuff.h:3020) idpf [ 69.261677] ? _warn (kernel/panic.c:242 kernel/panic.c:748) [ 69.261682] ? idpfvportsplitqnapipoll (include/linux/skbuff.h:3020) idpf [ 69.261687] ? reportbug (lib/bug.c:?) [ 69.261690] ? handlebug (arch/x86/kernel/traps.c:285) [ 69.261694] ? excinvalidop (arch/x86/kernel/traps.c:309) [ 69.261697] ? asmexcinvalidop (arch/x86/include/asm/idtentry.h:621) [ 69.261700] ? _pfxidpfvportsplitqnapipoll (drivers/net/ethernet/intel/idpf/idpftxrx.c:4011) idpf [ 69.261704] ? idpfvportsplitqnapipoll (include/linux/skbuff.h:3020) idpf [ 69.261708] ? idpfvportsplitqnapipoll (drivers/net/ethernet/intel/idpf/idpftxrx.c:3072) idpf [ 69.261712] _napipoll (net/core/dev.c:7194) [ 69.261716] netrxaction (net/core/dev.c:7265) [ 69.261718] ? _qdiscrun (net/sched/schgeneric.c:293) [ 69.261721] ? schedclock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288) [ 69.261726] handlesoftirqs (kernel/softirq.c:561)

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3a8845af66edb340ba9210bb8a0da040c7d6e590
Fixed
4279bbebe00ffdbfd1a77567961886e35465cbdc
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3a8845af66edb340ba9210bb8a0da040c7d6e590
Fixed
57e68f256911f3ab4b997141975561646ccbbb8c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3a8845af66edb340ba9210bb8a0da040c7d6e590
Fixed
674fcb4f4a7e3e277417a01788cc6daae47c3804

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.13.3
v6.13.4
v6.13.5
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "file": "drivers/net/ethernet/intel/idpf/idpf_txrx.c",
            "function": "idpf_rx_rsc"
        },
        "digest": {
            "length": 1254.0,
            "function_hash": "308921979872751571846183740676133285286"
        },
        "id": "CVE-2025-21890-1eb47f1f",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4279bbebe00ffdbfd1a77567961886e35465cbdc",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/net/ethernet/intel/idpf/idpf_txrx.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "125057982599469043161686962626669636797",
                "319334192755631960015721014445624008571",
                "67763788869250150583087159898340282316",
                "53222320093295778494238051806275981151",
                "217102448026005651188871228274957675402",
                "280854744744683323284960169387139356936",
                "332764435218428247150216024792597308476",
                "57227899098127602564638704521784268101",
                "53048979553701939866795523525882246589",
                "267369373727772674119550466533348967290",
                "298529509728170722351490103099944951375",
                "116669425471870881722387256778477468127"
            ]
        },
        "id": "CVE-2025-21890-b58b00db",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57e68f256911f3ab4b997141975561646ccbbb8c",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/net/ethernet/intel/idpf/idpf_txrx.c",
            "function": "idpf_rx_rsc"
        },
        "digest": {
            "length": 1254.0,
            "function_hash": "308921979872751571846183740676133285286"
        },
        "id": "CVE-2025-21890-bc9160aa",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57e68f256911f3ab4b997141975561646ccbbb8c",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/net/ethernet/intel/idpf/idpf_txrx.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "125057982599469043161686962626669636797",
                "319334192755631960015721014445624008571",
                "67763788869250150583087159898340282316",
                "53222320093295778494238051806275981151",
                "217102448026005651188871228274957675402",
                "280854744744683323284960169387139356936",
                "332764435218428247150216024792597308476",
                "57227899098127602564638704521784268101",
                "53048979553701939866795523525882246589",
                "267369373727772674119550466533348967290",
                "298529509728170722351490103099944951375",
                "116669425471870881722387256778477468127"
            ]
        },
        "id": "CVE-2025-21890-e87679f4",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@674fcb4f4a7e3e277417a01788cc6daae47c3804",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/net/ethernet/intel/idpf/idpf_txrx.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "125057982599469043161686962626669636797",
                "319334192755631960015721014445624008571",
                "67763788869250150583087159898340282316",
                "53222320093295778494238051806275981151",
                "217102448026005651188871228274957675402",
                "280854744744683323284960169387139356936",
                "332764435218428247150216024792597308476",
                "57227899098127602564638704521784268101",
                "53048979553701939866795523525882246589",
                "267369373727772674119550466533348967290",
                "298529509728170722351490103099944951375",
                "116669425471870881722387256778477468127"
            ]
        },
        "id": "CVE-2025-21890-efccfd04",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4279bbebe00ffdbfd1a77567961886e35465cbdc",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/net/ethernet/intel/idpf/idpf_txrx.c",
            "function": "idpf_rx_rsc"
        },
        "digest": {
            "length": 1254.0,
            "function_hash": "308921979872751571846183740676133285286"
        },
        "id": "CVE-2025-21890-f5791f00",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@674fcb4f4a7e3e277417a01788cc6daae47c3804",
        "signature_version": "v1"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.18
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.6