CVE-2025-21772

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-21772

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21772.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-21772

Downstream

BELL-CVE-2025-21772

DEBIAN-CVE-2025-21772

DLA-4102-1

DLA-4178-1

OESA-2025-1408

OESA-2025-1446

OESA-2025-1450

SUSE-SU-2025:01600-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:02385-1

SUSE-SU-2025:02387-1

SUSE-SU-2025:02388-1

SUSE-SU-2025:02396-1

SUSE-SU-2025:02398-1

SUSE-SU-2025:02399-1

SUSE-SU-2025:02400-1

SUSE-SU-2025:02401-1

SUSE-SU-2025:02402-1

SUSE-SU-2025:02403-1

SUSE-SU-2025:02405-1

SUSE-SU-2025:02410-1

SUSE-SU-2025:02411-1

SUSE-SU-2025:02412-1

SUSE-SU-2025:02413-1

SUSE-SU-2025:02445-1

SUSE-SU-2025:02446-1

SUSE-SU-2025:02449-1

SUSE-SU-2025:02451-1

SUSE-SU-2025:02454-1

SUSE-SU-2025:02455-1

SUSE-SU-2025:02459-1

SUSE-SU-2025:02468-1

SUSE-SU-2025:02507-1

SUSE-SU-2025:0983-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1177-1

SUSE-SU-2025:1178-1

SUSE-SU-2025:1180-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1195-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

Related

Published

2025-02-27T03:15:17Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

partitions: mac: fix handling of bogus partition table

Fix several issues in partition probing:

The bailout for a bad partoffset must use putdevsector(), since the preceding readpartsector() succeeded.
If the partition table claims a silly sector size like 0xfff bytes (which results in partition table entries straddling sector boundaries), bail out instead of accessing out-of-bounds memory.
We must not assume that the partition table contains proper NUL termination - use strnlen() and strncmp() instead of strlen() and strcmp().

References

Affected packages