CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls

Description

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device.

Classification

CVE ID: CVE-2025-21687

Affected Products

Vendor: Linux

Product: Linux

Timeline

2025-02-11 00:32:58 UTC
CVE

vfio/platform: check the bounds of read/write syscalls