Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2025-21687— vfio/platform: check the bounds of read/write syscalls

EPSS 0.02% · P6

Affected Version Matrix 26

VendorProductVersion RangeStatus
LinuxLinux6e3f264560099869f68830cb14b3b3e71e5ac76a< f21636f24b6786c8b13f1af4319fa75ffcf17f38affected
6e3f264560099869f68830cb14b3b3e71e5ac76a< 9377cdc118cf327248f1a9dde7b87de067681dc9affected
6e3f264560099869f68830cb14b3b3e71e5ac76a< d19a8650fd3d7aed8d1af1d9a77f979a8430eba1affected
6e3f264560099869f68830cb14b3b3e71e5ac76a< ed81d82bb6e9df3a137f2c343ed689e6c68268efaffected
6e3f264560099869f68830cb14b3b3e71e5ac76a< 92340e6c5122d823ad064984ef7513eba9204048affected
6e3f264560099869f68830cb14b3b3e71e5ac76a< f65ce06387f8c1fb54bd59e18a8428248ec68eafaffected
6e3f264560099869f68830cb14b3b3e71e5ac76a< 6bcb8a5b70b80143db9bf12dfa7d53636f824d53affected
6e3f264560099869f68830cb14b3b3e71e5ac76a< 1485932496a1b025235af8aa1e21988d6b7ccd54affected
… +18 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-21687

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
vfio/platform: check the bounds of read/write syscalls
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于vfio/platform驱动中read/write系统调用的边界检查缺失。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 6e3f264560099869f68830cb14b3b3e71e5ac76a ~ f21636f24b6786c8b13f1af4319fa75ffcf17f38 -
LinuxLinux 4.1 -

II. Public POCs for CVE-2025-21687

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-21687

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-02-10 · 8 CVEs total

CVE-2024-57950drm/amd/display: Initialize denominator defaults to 1
CVE-2025-21689USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()
CVE-2025-21688drm/v3d: Assign job pointer to NULL before signaling the fence
CVE-2025-21690scsi: storvsc: Ratelimit warning logs to prevent VM denial of service
CVE-2025-21691cachestat: fix page cache statistics permission checking
CVE-2025-21692net: sched: fix ets qdisc OOB Indexing
CVE-2025-21693mm: zswap: properly synchronize freeing resources during CPU hotunplug

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-21687

No comments yet

Leave a comment