CVE-2025-21735

HIGH

Linux Kernel - Out-of-bounds Write in NFC NCI HCI Pipe Creation

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in nci_hci_create_pipe() The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, nci_hci_connect_gate().

References (11)

Core 11

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

Mailing List

https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

Patch

https://git.kernel.org/stable/c/bd249109d266f1d52548c46634a15b71656e0d44

Patch

https://git.kernel.org/stable/c/674e17c5933779a8bf5c15d596fdfcb5ccdebbc2

Patch

https://git.kernel.org/stable/c/10b3f947b609713e04022101f492d288a014ddfa

Patch

https://git.kernel.org/stable/c/d5a461c315e5ff92657f84d8ba50caa5abf5c22a

Patch

https://git.kernel.org/stable/c/172cdfc3a5ea20289c58fb73dadc6fd4a8784a4e

Patch

https://git.kernel.org/stable/c/2ae4bade5a64d126bd18eb66bd419005c5550218

Patch

https://git.kernel.org/stable/c/59c7ed20217c0939862fbf8145bc49d5b3a13f4f

Patch

https://git.kernel.org/stable/c/110b43ef05342d5a11284cc8b21582b698b4ef1c

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Scores

CVSS v3 7.8

EPSS 0.0022

EPSS Percentile 13.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (26)

linux/Kernel 4.4.0 - 5.4.291linux

linux/Kernel 5.11.0 - 5.15.179linux

linux/Kernel 5.16.0 - 6.1.129linux

linux/Kernel 5.5.0 - 5.10.235linux

linux/Kernel 6.13.0 - 6.13.3linux

linux/Kernel 6.2.0 - 6.6.78linux

linux/Kernel 6.7.0 - 6.12.14linux

Linux/Linux < 4.4

Linux/Linux 4.4

Linux/Linux 5.10.235 - 5.10.*

... and 16 more

Published Feb 27, 2025

Tracked Since Feb 18, 2026