CVE-2025-21667

iomap: avoid avoid truncating 64-bit offset to 32 bits

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit offset to 32 bits on 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a
32-bit position due to folio_next_index() returning an unsigned long.
This could lead to an infinite loop when writing to an xfs filesystem.

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit offset to 32 bits on 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a 32-bit position due to folio_next_index() returning an unsigned long. This could lead to an infinite loop when writing to an xfs filesystem.

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-01-31 CVE Published
2025-05-04 CVE Updated
2025-06-02 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/38be53c3fd7f4f4bd5de319a323d72f9f6beb16d	Vuln. Introduced
https://git.kernel.org/stable/c/f43dc4dc3eff028b5ddddd99f3a66c5a6bdd4e78	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/7ca4bd6b754913910151acce00be093f03642725	2025-01-23
https://git.kernel.org/stable/c/91371922704c8d82049ef7c2ad974d0a2cd1174d	2025-01-23
https://git.kernel.org/stable/c/402ce16421477e27f30b57d6d1a6dc248fa3a4e4	2025-01-23
https://git.kernel.org/stable/c/c13094b894de289514d84b8db56d1f2931a0bade	2025-01-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.92 < 6.1.127 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.92 < 6.1.127"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.2 < 6.6.74 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.2 < 6.6.74"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.2 < 6.12.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.2 < 6.12.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.2 < 6.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.2 < 6.13"		en		Affected