Security Advisory

CVE-2025-21687

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-10 15:58:43

Last updated 2026-05-11 21:04:29

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device.

← Browse all CVEs View on cve.org ↗