CVE-2025-21772

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-21772
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21772.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21772
Published
2025-02-27T03:15:17Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

partitions: mac: fix handling of bogus partition table

Fix several issues in partition probing:

  • The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeeded.
  • If the partition table claims a silly sector size like 0xfff bytes (which results in partition table entries straddling sector boundaries), bail out instead of accessing out-of-bounds memory.
  • We must not assume that the partition table contains proper NUL termination - use strnlen() and strncmp() instead of strlen() and strcmp().