CVE-2025-2073 Information

Description

Out-of-Bounds Read in ip_set_bitmap_ip.c in Google ChromeOS Kernel Versions 6.1 5.15 5.10 5.4 4.19. on All devices where Termina is used allows an attacker with CAP_NET_ADMIN privileges to cause memory corruption and potentially escalate privileges via crafted ipset commands.

Reference

https://issues.chromium.org/issues/b/380043638 https://issuetracker.google.com/issues/380043638