{"uuid": "3d77103b-1bdb-47e4-9241-b4730f45d7ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21997", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10184", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21997\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool->chunk_size variables are of type 'u32',\ntheir product can wrap around and then be cast to 'u64'.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.\n\ud83d\udccf Published: 2025-04-03T07:19:00.583Z\n\ud83d\udccf Modified: 2025-04-03T07:19:00.583Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/205649d642a5b376724f04f3a5b3586815e43d3b\n2. https://git.kernel.org/stable/c/b7b4be1fa43294b50b22e812715198629806678a\n3. https://git.kernel.org/stable/c/130290f44bce0eead2b827302109afc3fe189ddd\n4. https://git.kernel.org/stable/c/c7670c197b0f1a8726ad5c87bc2bf001a1fc1bbd\n5. https://git.kernel.org/stable/c/559847f56769037e5b2e0474d3dbff985b98083d", "creation_timestamp": "2025-04-03T07:34:18.000000Z"}