CVE-2025-21734

For non-registered buffer, fastrpc driver copies the buffer and pass it to the remote subsystem. There is a problem with current implementation of page size calculation which is not considering the offset in the calculation. This might lead to passing of improper and out-of-bounds page size which could result in memory issue. Calculate page start and page end using the offset adjusted address instead of absolute address.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/cc431b3424123d84bcd7afd4de150b33f117a8ef/cves/2025/21xxx/CVE-2025-21734.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

02b45b47fbe84e23699bb6bdc74d4c2780e282b4

Fixed

c56ba3ea8e3c9a69a992aad18f7a65e43e51d623

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

02b45b47fbe84e23699bb6bdc74d4c2780e282b4

Fixed

c0464bad0e85fcd5d47e4297d1e410097c979e55

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

02b45b47fbe84e23699bb6bdc74d4c2780e282b4

Fixed

24a79c6bc8de763f7c50f4f84f8b0c183bc25a51

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

02b45b47fbe84e23699bb6bdc74d4c2780e282b4

Fixed

c3f7161123fcbdc64e90119ccce292d8b66281c4

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

02b45b47fbe84e23699bb6bdc74d4c2780e282b4

Fixed

e966eae72762ecfdbdb82627e2cda48845b9dd66

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.2.0

Fixed

6.1.129

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.78

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.14

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.13.3