{"uuid": "e830010d-f681-4bc9-b6f1-4e01daa7ccf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21680", "type": "seen", "source": "https://t.me/cvedetector/16936", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21680 - \"QEMU Pktgen Array Out-of-Bounds Write Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-21680 \nPublished : Jan. 31, 2025, 12:15 p.m. | 1\u00a0hour, 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \npktgen: Avoid out-of-bounds access in get_imix_entries  \n  \nPassing a sufficient amount of imix entries leads to invalid access to the  \npkt_dev->imix_entries array because of the incorrect boundary check.  \n  \nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24  \nindex 20 is out of range for type 'imix_pkt [20]'  \nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121  \nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)  \nCall Trace:  \n  \ndump_stack_lvl lib/dump_stack.c:117  \n__ubsan_handle_out_of_bounds lib/ubsan.c:429  \nget_imix_entries net/core/pktgen.c:874  \npktgen_if_write net/core/pktgen.c:1063  \npde_write fs/proc/inode.c:334  \nproc_reg_write fs/proc/inode.c:346  \nvfs_write fs/read_write.c:593  \nksys_write fs/read_write.c:644  \ndo_syscall_64 arch/x86/entry/common.c:83  \nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130  \n  \nFound by Linux Verification Center (linuxtesting.org) with SVACE.  \n  \n[ fp: allow to fill the array completely; minor changelog cleanup ] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T15:22:32.000000Z"}