CVE-2025-21993

Updated: 2026-02-27 03:41:31.526226

Description:

In the Linux kernel, the following vulnerability has been resolved: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix length is 64, this causes the shift exponent to become negative, triggering a UBSAN warning. As the concept of a subnet mask does not apply to IPv6, the value is set to ~0 to suppress the warning message.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x HIGH 7.1

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.1 HIGH Released CLSA-2025:1747725447 2025-05-21 01:42:08
CentOS 6 ELS kernel 2.6.32 7.1 HIGH Released CLSA-2025:1748366748 2025-06-10 00:30:48
CentOS 7 ELS kernel 3.10.0 7.1 HIGH Released CLSA-2025:1747260502 2025-05-28 00:30:41
CentOS 8.4 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2025:1747688514 2025-05-21 01:42:09
CentOS 8.5 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2025:1747688831 2025-05-21 01:42:10
CentOS Stream 8 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2025:1747688581 2025-05-21 01:42:07
CloudLinux 6 ELS kernel 2.6.32 7.1 HIGH Needs Triage 2025-08-30 11:21:52
CloudLinux 7 ELS kernel 3.10.0 7.1 HIGH Ignored 2025-11-08 00:18:56 CloudLinux 6 and 7 support is limited and provided on demand. We strongly recommend upgrading to Clo...
Oracle Linux 6 ELS kernel 2.6.32 7.1 HIGH Released CLSA-2025:1748365686 2025-05-28 00:30:40
Oracle Linux 7 ELS kernel 3.10.0 7.1 HIGH Released CLSA-2025:1747251218 2025-05-16 05:12:08
Total: 17