CVE-2025-21787

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-21787
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21787.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21787
Downstream
Related
Published
2025-02-27T02:18:26.875Z
Modified
2026-05-28T03:53:31.316723678Z
Summary
team: better TEAM_OPTION_TYPE_STRING validation
Details

In the Linux kernel, the following vulnerability has been resolved:

team: better TEAMOPTIONTYPE_STRING validation

syzbot reported following splat [1]

Make sure user-provided data contains one nul byte.

[1] BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:633 [inline] BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714 stringnocheck lib/vsprintf.c:633 [inline] string+0x3ec/0x5f0 lib/vsprintf.c:714 vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843 __requestmodule+0x252/0x9f0 kernel/module/kmod.c:149 teammode_get drivers/net/team/teamcore.c:480 [inline] teamchangemode drivers/net/team/teamcore.c:607 [inline] teammodeoptionset+0x437/0x970 drivers/net/team/teamcore.c:1401 teamoptionset drivers/net/team/teamcore.c:375 [inline] teamnloptionssetdoit+0x1339/0x1f90 drivers/net/team/teamcore.c:2662 genlfamilyrcvmsgdoit net/netlink/genetlink.c:1115 [inline] genlfamilyrcvmsg net/netlink/genetlink.c:1195 [inline] genlrcvmsg+0x1214/0x12c0 net/netlink/genetlink.c:1210 netlinkrcvskb+0x375/0x650 net/netlink/afnetlink.c:2543 genlrcv+0x40/0x60 net/netlink/genetlink.c:1219 netlinkunicastkernel net/netlink/afnetlink.c:1322 [inline] netlinkunicast+0xf52/0x1260 net/netlink/afnetlink.c:1348 netlinksendmsg+0x10da/0x11e0 net/netlink/afnetlink.c:1892 socksendmsgnosec net/socket.c:718 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:733 ____sys_sendmsg+0x877/0xb60 net/socket.c:2573 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627 __sys_sendmsg net/socket.c:2659 [inline] __dosyssendmsg net/socket.c:2664 [inline] __sesyssendmsg net/socket.c:2662 [inline] _x64syssendmsg+0x212/0x3c0 net/socket.c:2662 x64syscall+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls64.h:47 dosyscallx64 arch/x86/entry/common.c:52 [inline] dosyscall64+0xcd/0x1e0 arch/x86/entry/common.c:83 entrySYSCALL64afterhwframe+0x77/0x7f

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21787.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3d249d4ca7d0ed6629a135ea1ea21c72286c0d80
Fixed
7c30483d0f6bdb2230e10e3e4be5167927eac7a0
Fixed
7f5af50f3aa0af8cbef9fb76fffeed69e8143f59
Fixed
f443687ad20c70320d1248f35f57bf46cac8df0a
Fixed
4512482e4805dd30bc77dec511f2a2edba5cb868
Fixed
d071a91fa614ecdf760c29f61f6a7bfb7df796d6
Fixed
4236bf4716589558cc0f3c3612642b2c2141b04e
Fixed
8401cade1918281177974b32c925afdce750d292
Fixed
5bef3ac184b5626ea62385d6b82a1992b89d7940

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21787.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.3.0
Fixed
5.4.291
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.235
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.179
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.129
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.79
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.16
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21787.json"