CVE-2025-2073

None

Description

Out-of-Bounds Read in ip_set_bitmap_ip.c in Google ChromeOS Kernel Versions 6.1, 5.15, 5.10, 5.4, 4.19. on All devices where Termina is used allows an attacker with CAP_NET_ADMIN privileges to cause memory corruption and potentially escalate privileges via crafted ipset commands.

INFO

Published Date :

2025-04-16T23:06:28.608Z

Last Modified :

2025-04-17T15:47:11.502Z

Source :

ChromeOS

AFFECTED PRODUCTS

The following products are affected by CVE-2025-2073 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-2073.

URL	Resource
https://issues.chromium.org/issues/b/380043638
https://issuetracker.google.com/issues/380043638

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact