CVE-2025-21665

In the Linux kernel, the following vulnerability has been resolved: filemap: avoid truncating 64-bit offset to 32 bits On 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a 64-bit value to 32 bits, leading to a possible infinite loop when writing to an xfs filesystem.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/09528bb1a4123e2a234eac2bc45a0e51e78dab43	Patch
https://git.kernel.org/stable/c/280f1fb89afc01e7376f59ae611d54ca69e9f967	Patch
https://git.kernel.org/stable/c/64e5fd96330df2ad278d1c4edcca581f26e5f76e	Patch
https://git.kernel.org/stable/c/80fc836f3ebe2f2d2d2c80c698b7667974285a04	Patch
https://git.kernel.org/stable/c/f505e6c91e7a22d10316665a86d79f84d9f0ba76	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc7::::::

History

03 Feb 2025, 19:57

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: filemap: evitar truncar el desplazamiento de 64 bits a 32 bits. En los kernels de 32 bits, folio_seek_hole_data() truncaba inadvertidamente un valor de 64 bits a 32 bits, lo que provocaba un posible bucle infinito al escribir en un sistema de archivos xfs.
References	~~() https://git.kernel.org/stable/c/09528bb1a4123e2a234eac2bc45a0e51e78dab43 -~~	() https://git.kernel.org/stable/c/09528bb1a4123e2a234eac2bc45a0e51e78dab43 - Patch
References	~~() https://git.kernel.org/stable/c/280f1fb89afc01e7376f59ae611d54ca69e9f967 -~~	() https://git.kernel.org/stable/c/280f1fb89afc01e7376f59ae611d54ca69e9f967 - Patch
References	~~() https://git.kernel.org/stable/c/64e5fd96330df2ad278d1c4edcca581f26e5f76e -~~	() https://git.kernel.org/stable/c/64e5fd96330df2ad278d1c4edcca581f26e5f76e - Patch
References	~~() https://git.kernel.org/stable/c/80fc836f3ebe2f2d2d2c80c698b7667974285a04 -~~	() https://git.kernel.org/stable/c/80fc836f3ebe2f2d2d2c80c698b7667974285a04 - Patch
References	~~() https://git.kernel.org/stable/c/f505e6c91e7a22d10316665a86d79f84d9f0ba76 -~~	() https://git.kernel.org/stable/c/f505e6c91e7a22d10316665a86d79f84d9f0ba76 - Patch
CWE		CWE-835
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc7:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
First Time		Linux Linux linux Kernel

31 Jan 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-31 12:15

Updated : 2025-02-03 19:57

NVD link : CVE-2025-21665

Mitre link : CVE-2025-21665

CVE.ORG link : CVE-2025-21665

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

5.5 /10