CVE-2025-22107
April 16, 2025, 3:16 p.m.
None
No Score
Description
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()
There are actually 2 problems:
- deleting the last element doesn't require the memmove of elements
[i + 1, end) over it. Actually, element i+1 is out of bounds.
- The memmove itself should move size - i - 1 elements, because the last
element is out of bounds.
The out-of-bounds element still remains out of bounds after being
accessed, so the problem is only that we touch it, not that it becomes
in active use. But I suppose it can lead to issues if the out-of-bounds
element is part of an unmapped page.
Product(s) Impacted
| Vendor | Product | Versions |
|---|---|---|
| Linux |
|
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
*CPE(s)
Affected systems and software identified for this CVE.
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| a | linux | kernel | / | / | / | / | / | / | / | / |
Tags
Timeline
Published: April 16, 2025, 3:16 p.m.
Last Modified: April 16, 2025, 3:16 p.m.
Last Modified: April 16, 2025, 3:16 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
416baaa9-dc9f-4396-8d5f-8c081fb06d67
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.