high
7.1
CWE
125
Advisory Published
Updated

CVE-2025-21742: usbnet: ipheth: use static NDP16 location in URB

First published: Thu Feb 27 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the `wNdpIndex` value in NTH16. Only the start position of NDP16 was checked, so it was possible for even the fixed-length part of NDP16 to extend past the end of URB, leading to an out-of-bounds read. On iOS devices, the NDP16 header always directly follows NTH16. Rely on and check for this specific format. This, along with NCM-specific minimal URB length check that already exists, will ensure that the fixed-length part of NDP16 plus a set amount of DPEs fit within the URB. Note that this commit alone does not fully address the OoB read. The limit on the amount of DPEs needs to be enforced separately.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel
>=6.5<6.6.78
>=6.7<6.12.14
>=6.13<6.13.3

Remedy

https://git.kernel.org/stable/c/2b619445dcb6dab97d8ed033fb57225aca1288c4

Remedy

https://git.kernel.org/stable/c/86586dcb75cb8fd062a518aca8ee667938b91efb

Remedy

https://git.kernel.org/stable/c/8fb062178e1ce180e2cfdc9abc83a1b9fea381ca

Remedy

https://git.kernel.org/stable/c/cf1ac7f7cf601ac31d1580559c002b5e37b733b7

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2025-21742?

    CVE-2025-21742 is considered to have a moderate severity level due to its nature affecting USB networking in the Linux kernel.

  • How do I fix CVE-2025-21742?

    To fix CVE-2025-21742, users should update their Linux kernel to the latest versions where this vulnerability is patched.

  • What are the potential impacts of CVE-2025-21742?

    CVE-2025-21742 can potentially lead to denial-of-service conditions or compromise the integrity of USB network connections.

  • Which versions of the Linux kernel are affected by CVE-2025-21742?

    CVE-2025-21742 affects various versions of the Linux kernel that utilize the usbnet and ipheth drivers.

  • Is CVE-2025-21742 actively exploited in the wild?

    As of now, there are no confirmed reports of CVE-2025-21742 being actively exploited in the wild.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203