CVE-2025-21724

Source
https://cve.org/CVERecord?id=CVE-2025-21724
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21724.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21724
Published
2025-02-27T02:07:31.630Z
Modified
2026-03-20T12:41:08.449165Z
Summary
iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()
Details

In the Linux kernel, the following vulnerability has been resolved:

iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()

Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant "1" (of type int) by bitmap->mapped.pgshift (an unsigned long value) could result in undefined behavior.

The constant "1" defaults to a 32-bit "int", and when "pgshift" exceeds 31 (e.g., pgshift = 63) the shift operation overflows, as the result cannot be represented in a 32-bit type.

To resolve this, the constant is updated to "1UL", promoting it to an unsigned long type to match the operand's type.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21724.json"
}

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
58ccf0190d19d9a8a41f8a02b9e06742b58df4a1
Fixed
44d9c94b7a3f29a3e07c4753603a35e9b28842a3
Fixed
38ac76fc06bc6826a3e4b12a98efbe98432380a9
Fixed
d5d33f01b86af44b23eea61ee309e4ef22c0cdfe
Fixed
b1f8453b8ff1ab79a03820ef608256c499769cb6
Fixed
e24c1551059268b37f6f40639883eafb281b8b9c

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21724.json"