VYPR
Medium severity5.5NVD Advisory· Published Feb 27, 2025· Updated May 12, 2026

CVE-2025-21711

CVE-2025-21711

Description

In the Linux kernel, the following vulnerability has been resolved:

net/rose: prevent integer overflows in rose_setsockopt()

In case of possible unpredictably large arguments passed to rose_setsockopt() and multiplied by extra values on top of that, integer overflows may occur.

Do the safest minimum and fix these issues by checking the contents of 'opt' and returning -EINVAL if they are too large. Also, switch to unsigned int and remove useless check for negative 'opt' in ROSE_IDLE case.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

65

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.