CVE-2025-21920

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Apr 1, 2025

Updated: Apr 11, 2025

CWE ID 125

Summary

CVE-2025-21920 is a vulnerability affecting the Linux kernel that allows the creation of VLAN devices on non-ethernet devices, resulting in an out-of-bounds read issue. During VLAN device initialization, the length of multicast addresses provided by GARP and MRP is incorrectly used to determine the length of the underlying device's address, leading to a buffer overflow. Consequently, the address of a kernel function, garp_pdu_rcv, is leaked to usermode. This vulnerability can be exploited by creating a VLAN device on a non-ethernet interface with a long multicast address, causing an out-of-bounds read. The issue has been resolved by enforcing the type of the underlying device during VLAN device initialization.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2025-21920

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations