Description

In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant "1" (of type int) by bitmap->mapped.pgshift (an unsigned long value) could result in undefined behavior. The constant "1" defaults to a 32-bit "int", and when "pgshift" exceeds 31 (e.g., pgshift = 63) the shift operation overflows, as the result cannot be represented in a 32-bit type. To resolve this, the constant is updated to "1UL", promoting it to an unsigned long type to match the operand's type.

INFO

Published Date :

2025-02-27T02:07:31.630Z

Last Modified :

2025-11-03T19:36:23.243Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-21724 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-21724.

URL Resource
https://git.kernel.org/stable/c/38ac76fc06bc6826a3e4b12a98efbe98432380a9 cve-icon cve-icon
https://git.kernel.org/stable/c/44d9c94b7a3f29a3e07c4753603a35e9b28842a3 cve-icon cve-icon
https://git.kernel.org/stable/c/b1f8453b8ff1ab79a03820ef608256c499769cb6 cve-icon cve-icon
https://git.kernel.org/stable/c/d5d33f01b86af44b23eea61ee309e4ef22c0cdfe cve-icon cve-icon
https://git.kernel.org/stable/c/e24c1551059268b37f6f40639883eafb281b8b9c cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21724-f4b1@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-21724 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-21724 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact