CVE-2025-21789

LoongArch: csum: Fix OoB access in IP checksum code for negative lengths

Severity Score

7.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 ("LoongArch: Add checksum optimization for 64-bit
system") would cause an undefined shift and an out-of-bounds read. Commit 8bd795fedb84 ("arm64: csum: Fix OoB access in IP checksum code
for negative lengths") fixes the same issue on ARM64.

In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 ("LoongArch: Add checksum optimization for 64-bit system") would cause an undefined shift and an out-of-bounds read. Commit 8bd795fedb84 ("arm64: csum: Fix OoB access in IP checksum code for negative lengths") fixes the same issue on ARM64.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-27 CVE Published
2025-03-24 CVE Updated
2025-03-31 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/69e3a6aa6be21de6aaf38130fad97ecde34a193c	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/964a8895704a22efc06a2a3276b624a5ae985a06	2025-02-21
https://git.kernel.org/stable/c/9f15a8df542c0f08732a67d1a14ee7c22948fb97	2025-02-21
https://git.kernel.org/stable/c/d6508ffff32b44b6d0de06704034e4eef1c307a7	2025-02-21
https://git.kernel.org/stable/c/6287f1a8c16138c2ec750953e35039634018c84a	2025-02-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.4 < 6.6.79 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.4 < 6.6.79"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.4 < 6.12.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.4 < 6.12.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.4 < 6.13.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.4 < 6.13.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.4 < 6.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.4 < 6.14"		en		Affected