CVE-2025-21687

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

vfio/platform: check the bounds of read/write syscalls

count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device.

EPSS Score: 0.00229 (0.136)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Out-of-bounds Read

Out-of-bounds Write

ADVISORY - redhat

Out-of-bounds Write


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in