We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-22107

net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()



Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() There are actually 2 problems: - deleting the last element doesn't require the memmove of elements [i + 1, end) over it. Actually, element i+1 is out of bounds. - The memmove itself should move size - i - 1 elements, because the last element is out of bounds. The out-of-bounds element still remains out of bounds after being accessed, so the problem is only that we touch it, not that it becomes in active use. But I suppose it can lead to issues if the out-of-bounds element is part of an unmapped page.

Reserved 2024-12-29 | Published 2025-04-16 | Updated 2025-05-26 | Assigner Linux

Product status

Default status
unaffected

6666cebc5e306f49a25bd20aa8c1cb8ef8950df5 before 59b97641de03c081f26b3a8876628c765b5faa25
affected

6666cebc5e306f49a25bd20aa8c1cb8ef8950df5 before 5f2b28b79d2d1946ee36ad8b3dc0066f73c90481
affected

Default status
affected

5.2
affected

Any version before 5.2
unaffected

6.14.2
unaffected

6.15
unaffected

References

git.kernel.org/...c/59b97641de03c081f26b3a8876628c765b5faa25

git.kernel.org/...c/5f2b28b79d2d1946ee36ad8b3dc0066f73c90481

cve.org (CVE-2025-22107)

nvd.nist.gov (CVE-2025-22107)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-22107

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.