CVE-2025-21648 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. See: 0708a0afe291 ("mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls") Note: hashtable resize is only possible from init_netns.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/5552b4fd44be3393b930434a7845d8d95a2a3c33
https://git.kernel.org/stable/c/a965f7f0ea3ae61b9165bed619d5d6da02c75f80
https://git.kernel.org/stable/c/b1b2353d768f1b80cd7fe045a70adee576b9b338
https://git.kernel.org/stable/c/b541ba7d1f5a5b7b3e2e22dc9e40e18a7d6dbc13
https://git.kernel.org/stable/c/d5807dd1328bbc86e059c5de80d1bbee9d58ca3d
https://git.kernel.org/stable/c/f559357d035877b9d0dcd273e0ff83e18e1d46aa
https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21648-bcda@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-21648
https://www.cve.org/CVERecord?id=CVE-2025-21648

History

Thu, 13 Feb 2025 01:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-789
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`	cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H'}` threat_severity `Moderate`

Sun, 02 Feb 2025 10:30:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/a965f7f0ea3ae61b9165bed619d5d6da02c75f80

Thu, 23 Jan 2025 17:15:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/b1b2353d768f1b80cd7fe045a70adee576b9b338

Mon, 20 Jan 2025 14:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21648-bcda@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-21648 https://www.cve.org/CVERecord?id=CVE-2025-21648
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Sun, 19 Jan 2025 10:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. See: 0708a0afe291 ("mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls") Note: hashtable resize is only possible from init_netns.
Title		netfilter: conntrack: clamp maximum hashtable size to INT_MAX
References		https://git.kernel.org/stable/c/5552b4fd44be3393b930434a7845d8d95a2a3c33 https://git.kernel.org/stable/c/b541ba7d1f5a5b7b3e2e22dc9e40e18a7d6dbc13 https://git.kernel.org/stable/c/d5807dd1328bbc86e059c5de80d1bbee9d58ca3d https://git.kernel.org/stable/c/f559357d035877b9d0dcd273e0ff83e18e1d46aa

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-01-19T10:18:05.700Z

Updated: 2025-02-02T10:16:08.356Z

Reserved: 2024-12-29T08:45:45.728Z

Link: CVE-2025-21648

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-01-19T11:15:10.410

Modified: 2025-02-02T11:15:15.433

Link: CVE-2025-21648

Redhat

Severity : Moderate

Publid Date: 2025-01-19T00:00:00Z

Links: CVE-2025-21648 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object