{"uuid": "6d69bc5e-d572-4c81-8598-34a7f7db9317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21787", "type": "seen", "source": "https://t.me/cvedetector/19007", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21787 - Linux Team Vulnerability - String Validation\", \n  \"Content\": \"CVE ID : CVE-2025-21787 \nPublished : Feb. 27, 2025, 3:15 a.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nteam: better TEAM_OPTION_TYPE_STRING validation  \n  \nsyzbot reported following splat [1]  \n  \nMake sure user-provided data contains one nul byte.  \n  \n[1]  \n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]  \n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714  \n  string_nocheck lib/vsprintf.c:633 [inline]  \n  string+0x3ec/0x5f0 lib/vsprintf.c:714  \n  vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843  \n  __request_module+0x252/0x9f0 kernel/module/kmod.c:149  \n  team_mode_get drivers/net/team/team_core.c:480 [inline]  \n  team_change_mode drivers/net/team/team_core.c:607 [inline]  \n  team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401  \n  team_option_set drivers/net/team/team_core.c:375 [inline]  \n  team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662  \n  genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]  \n  genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]  \n  genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210  \n  netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543  \n  genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219  \n  netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]  \n  netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348  \n  netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892  \n  sock_sendmsg_nosec net/socket.c:718 [inline]  \n  __sock_sendmsg+0x30f/0x380 net/socket.c:733  \n  ____sys_sendmsg+0x877/0xb60 net/socket.c:2573  \n  ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627  \n  __sys_sendmsg net/socket.c:2659 [inline]  \n  __do_sys_sendmsg net/socket.c:2664 [inline]  \n  __se_sys_sendmsg net/socket.c:2662 [inline]  \n  __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662  \n  x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47  \n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n  do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T06:11:29.000000Z"}