{"uuid": "26fadf38-a7b3-4ec7-bffc-965151ee5c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21716", "type": "seen", "source": "https://t.me/cvedetector/18991", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21716 - Linux Kernel Vxlan Uninit-Value Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21716 \nPublished : Feb. 27, 2025, 2:15 a.m. | 50\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nvxlan: Fix uninit-value in vxlan_vnifilter_dump()  \n  \nKMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1].  \n  \nIf the length of the netlink message payload is less than  \nsizeof(struct tunnel_msg), vxlan_vnifilter_dump() accesses bytes  \nbeyond the message. This can lead to uninit-value access. Fix this by  \nreturning an error in such situations.  \n  \n[1]  \nBUG: KMSAN: uninit-value in vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422  \n vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422  \n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6786  \n netlink_dump+0x93e/0x15f0 net/netlink/af_netlink.c:2317  \n __netlink_dump_start+0x716/0xd60 net/netlink/af_netlink.c:2432  \n netlink_dump_start include/linux/netlink.h:340 [inline]  \n rtnetlink_dump_start net/core/rtnetlink.c:6815 [inline]  \n rtnetlink_rcv_msg+0x1256/0x14a0 net/core/rtnetlink.c:6882  \n netlink_rcv_skb+0x467/0x660 net/netlink/af_netlink.c:2542  \n rtnetlink_rcv+0x35/0x40 net/core/rtnetlink.c:6944  \n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]  \n netlink_unicast+0xed6/0x1290 net/netlink/af_netlink.c:1347  \n netlink_sendmsg+0x1092/0x1230 net/netlink/af_netlink.c:1891  \n sock_sendmsg_nosec net/socket.c:711 [inline]  \n __sock_sendmsg+0x330/0x3d0 net/socket.c:726  \n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583  \n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637  \n __sys_sendmsg net/socket.c:2669 [inline]  \n __do_sys_sendmsg net/socket.c:2674 [inline]  \n __se_sys_sendmsg net/socket.c:2672 [inline]  \n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672  \n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47  \n do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f  \n  \nUninit was created at:  \n slab_post_alloc_hook mm/slub.c:4110 [inline]  \n slab_alloc_node mm/slub.c:4153 [inline]  \n kmem_cache_alloc_node_noprof+0x800/0xe80 mm/slub.c:4205  \n kmalloc_reserve+0x13b/0x4b0 net/core/skbuff.c:587  \n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:678  \n alloc_skb include/linux/skbuff.h:1323 [inline]  \n netlink_alloc_large_skb+0xa5/0x280 net/netlink/af_netlink.c:1196  \n netlink_sendmsg+0xac9/0x1230 net/netlink/af_netlink.c:1866  \n sock_sendmsg_nosec net/socket.c:711 [inline]  \n __sock_sendmsg+0x330/0x3d0 net/socket.c:726  \n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583  \n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637  \n __sys_sendmsg net/socket.c:2669 [inline]  \n __do_sys_sendmsg net/socket.c:2674 [inline]  \n __se_sys_sendmsg net/socket.c:2672 [inline]  \n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672  \n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47  \n do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f  \n  \nCPU: 0 UID: 0 PID: 30991 Comm: syz.4.10630 Not tainted 6.12.0-10694-gc44daa7e3c73 #29  \nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T04:30:30.000000Z"}