CVE-2025-21648
- Source
- https://cve.org/CVERecord?id=CVE-2025-21648
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21648.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21648
- Downstream
- Related
- Published
- 2025-01-19T10:18:05.700Z
- Modified
- 2026-05-18T05:58:03.903025145Z
- Summary
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: conntrack: clamp maximum hashtable size to INT_MAX
Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNON_ONCE in __kvmallocnodenoprof() when resizing hashtable because _GFPNOWARN is unset. See:
0708a0afe291 ("mm: Consider _GFPNOWARN flag for oversized kvmalloc() calls")
Note: hashtable resize is only possible from init_netns.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21648.json" }- References
-
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://git.kernel.org/stable/c/5552b4fd44be3393b930434a7845d8d95a2a3c33
- https://git.kernel.org/stable/c/a965f7f0ea3ae61b9165bed619d5d6da02c75f80
- https://git.kernel.org/stable/c/b1b2353d768f1b80cd7fe045a70adee576b9b338
- https://git.kernel.org/stable/c/b541ba7d1f5a5b7b3e2e22dc9e40e18a7d6dbc13
- https://git.kernel.org/stable/c/d5807dd1328bbc86e059c5de80d1bbee9d58ca3d
- https://git.kernel.org/stable/c/f559357d035877b9d0dcd273e0ff83e18e1d46aa
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21648.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-21648
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9cc1c73ad66610bffc80b691136ffc1e9a3b1a58Fixeda965f7f0ea3ae61b9165bed619d5d6da02c75f80Fixedb1b2353d768f1b80cd7fe045a70adee576b9b338Fixed5552b4fd44be3393b930434a7845d8d95a2a3c33Fixedd5807dd1328bbc86e059c5de80d1bbee9d58ca3dFixedf559357d035877b9d0dcd273e0ff83e18e1d46aaFixedb541ba7d1f5a5b7b3e2e22dc9e40e18a7d6dbc13