Security Advisory

CVE-2025-27701

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-27 15:42:11

Last updated 2025-09-04 05:15:46

Assigner Google_Devices

State PUBLISHED

Description

In the function process_crypto_cmd, the values of ptrs[i] can be potentially equal to NULL which is valid value after calling slice_map_array(). Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure.

← Browse all CVEs View on cve.org ↗