CVE-2025-21659
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21659
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21659.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21659
- Downstream
- Related
- Published
- 2025-01-21T12:18:15Z
- Modified
- 2025-10-17T20:59:00.941150Z
- Summary
- netdev: prevent accessing NAPI instances from another namespace
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netdev: prevent accessing NAPI instances from another namespace
The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI instance belongs to the same netns as the owner of the genl sock.
napibyid() can become static now, but it needs to move because of devgetbynapiid().
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced27f91aaf49b3a50e5a02ad5fa27b7c453d029a72Fixedb683ba0df11ff563cc237eb1b74d6adfa77226bf
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced27f91aaf49b3a50e5a02ad5fa27b7c453d029a72Fixedd1cacd74776895f6435941f86a1130e58f6dd226
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.7
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"id": "CVE-2025-21659-376c7daa",
"signature_version": "v1",
"digest": {
"length": 816.0,
"function_hash": "191698365309297724052369474962089434961"
},
"target": {
"function": "netdev_nl_napi_fill_one",
"file": "net/core/netdev-genl.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b683ba0df11ff563cc237eb1b74d6adfa77226bf"
},
{
"signature_type": "Line",
"id": "CVE-2025-21659-3b5347db",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"83940511449991641544947992348585487752",
"219029764383943117640902119568560766710",
"245496146370611576788251479000843050826",
"19207428794186813184244917415230360994",
"161282262069907919354463080721619524339",
"119844376995249873025464373993266325846",
"214227627840758014049478751437499422866",
"135983674464443157630357510600172244775",
"297083896877412033219182627600345969478",
"186746435165898472021818360624010466325",
"81202305743316390285034219951197945466",
"89892835564490006502992963240012584143",
"218385524730026065744618184315226569568",
"21400309911219847128121501225397600847",
"313496700711563719865341561586541964861"
]
},
"target": {
"file": "net/core/dev.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b683ba0df11ff563cc237eb1b74d6adfa77226bf"
},
{
"signature_type": "Line",
"id": "CVE-2025-21659-3b6d230d",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"230801593982688093617628498092730002613",
"201038417150618994485408810112829672338",
"232529054202428700676742737655841605950",
"46599653484826432844147334016119523297",
"158964826577960646554870909530656638654",
"333966755063953451226466221505633539156",
"229691314336530130517301601963206266767"
]
},
"target": {
"file": "net/core/dev.h"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b683ba0df11ff563cc237eb1b74d6adfa77226bf"
},
{
"signature_type": "Line",
"id": "CVE-2025-21659-5147efe5",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"30929575910626295087655201155040438597",
"274907711062229241864201887728551690337",
"117558192108439035306426730342880528572",
"253611573611624358231154877290698450887",
"11770697617076491347697635798336345061",
"313989039387917496324437325670307766691",
"278216248933147922961723036934591190800",
"218428206351213951059190056774708560628",
"333218140659805703973693601398021920126"
]
},
"target": {
"file": "net/core/netdev-genl.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b683ba0df11ff563cc237eb1b74d6adfa77226bf"
},
{
"signature_type": "Function",
"id": "CVE-2025-21659-5fbf8ee0",
"signature_version": "v1",
"digest": {
"length": 726.0,
"function_hash": "39677641751693975554270230801691739660"
},
"target": {
"function": "netdev_nl_napi_get_doit",
"file": "net/core/netdev-genl.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b683ba0df11ff563cc237eb1b74d6adfa77226bf"
},
{
"signature_type": "Function",
"id": "CVE-2025-21659-9494725d",
"signature_version": "v1",
"digest": {
"length": 1218.0,
"function_hash": "36080111943867511136589072299085870628"
},
"target": {
"function": "netdev_nl_napi_fill_one",
"file": "net/core/netdev-genl.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1cacd74776895f6435941f86a1130e58f6dd226"
},
{
"signature_type": "Function",
"id": "CVE-2025-21659-96dc76aa",
"signature_version": "v1",
"digest": {
"length": 241.0,
"function_hash": "328379559421840219855423166142875342537"
},
"target": {
"function": "napi_by_id",
"file": "net/core/dev.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1cacd74776895f6435941f86a1130e58f6dd226"
},
{
"signature_type": "Line",
"id": "CVE-2025-21659-ad985253",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"83940511449991641544947992348585487752",
"219029764383943117640902119568560766710",
"245496146370611576788251479000843050826",
"19207428794186813184244917415230360994",
"161282262069907919354463080721619524339",
"119844376995249873025464373993266325846",
"214227627840758014049478751437499422866",
"135983674464443157630357510600172244775",
"297083896877412033219182627600345969478",
"186746435165898472021818360624010466325",
"81202305743316390285034219951197945466",
"89892835564490006502992963240012584143",
"218385524730026065744618184315226569568",
"21400309911219847128121501225397600847",
"313496700711563719865341561586541964861"
]
},
"target": {
"file": "net/core/dev.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1cacd74776895f6435941f86a1130e58f6dd226"
},
{
"signature_type": "Function",
"id": "CVE-2025-21659-b6f4198f",
"signature_version": "v1",
"digest": {
"length": 241.0,
"function_hash": "328379559421840219855423166142875342537"
},
"target": {
"function": "napi_by_id",
"file": "net/core/dev.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b683ba0df11ff563cc237eb1b74d6adfa77226bf"
},
{
"signature_type": "Line",
"id": "CVE-2025-21659-bbcb30f9",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"230801593982688093617628498092730002613",
"201038417150618994485408810112829672338",
"232529054202428700676742737655841605950",
"46599653484826432844147334016119523297",
"158964826577960646554870909530656638654",
"333966755063953451226466221505633539156",
"229691314336530130517301601963206266767"
]
},
"target": {
"file": "net/core/dev.h"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1cacd74776895f6435941f86a1130e58f6dd226"
},
{
"signature_type": "Function",
"id": "CVE-2025-21659-e5415185",
"signature_version": "v1",
"digest": {
"length": 726.0,
"function_hash": "39677641751693975554270230801691739660"
},
"target": {
"function": "netdev_nl_napi_get_doit",
"file": "net/core/netdev-genl.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1cacd74776895f6435941f86a1130e58f6dd226"
},
{
"signature_type": "Line",
"id": "CVE-2025-21659-eaf52de1",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"305870174953859960293978914369584265069",
"274907711062229241864201887728551690337",
"117558192108439035306426730342880528572",
"253611573611624358231154877290698450887",
"11770697617076491347697635798336345061",
"313989039387917496324437325670307766691",
"278216248933147922961723036934591190800",
"218428206351213951059190056774708560628",
"333218140659805703973693601398021920126",
"274781019455798669941007743167806341791",
"278216248933147922961723036934591190800",
"111705884382566013119040456761666559847",
"71610998687931954664730891429072499750"
]
},
"target": {
"file": "net/core/netdev-genl.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1cacd74776895f6435941f86a1130e58f6dd226"
},
{
"signature_type": "Function",
"id": "CVE-2025-21659-f1483855",
"signature_version": "v1",
"digest": {
"length": 460.0,
"function_hash": "114580984436804102390202918252703430505"
},
"target": {
"function": "netdev_nl_napi_set_doit",
"file": "net/core/netdev-genl.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d1cacd74776895f6435941f86a1130e58f6dd226"
}
]