{"uuid": "f31f52a3-410d-4f28-b9f3-e1124461686f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21648", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2319", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21648\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n  0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.\n\ud83d\udccf Published: 2025-01-19T10:18:05.700Z\n\ud83d\udccf Modified: 2025-01-19T10:18:05.700Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/5552b4fd44be3393b930434a7845d8d95a2a3c33\n2. https://git.kernel.org/stable/c/d5807dd1328bbc86e059c5de80d1bbee9d58ca3d\n3. https://git.kernel.org/stable/c/f559357d035877b9d0dcd273e0ff83e18e1d46aa\n4. https://git.kernel.org/stable/c/b541ba7d1f5a5b7b3e2e22dc9e40e18a7d6dbc13", "creation_timestamp": "2025-01-19T10:58:21.000000Z"}