CVE-2025-21826 Information

Mar 07, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

netfilter: nf_tables: reject mismatching sum of field_len with set key length

The field length description provides the length of each separated key field in the concatenation each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits.

Register-based arithmetics still allows for combining mismatching set key length and field length description eg. set key length 10 and field description [ 5 4 ] leading to pipapo width of 12.

Reference

https://git.kernel.org/stable/c/1b9335a8000fb70742f7db10af314104b6ace220 https://git.kernel.org/stable/c/2ac254343d3cf228ae0738b2615fedf85d000752 https://git.kernel.org/stable/c/49b7182b97bafbd5645414aff054b4a65d05823d https://git.kernel.org/stable/c/82e491e085719068179ff6a5466b7387cc4bbf32 https://git.kernel.org/stable/c/ab50d0eff4a939d20c37721fd9766347efcdb6f6

Share on: