CVE-2025-21997 Affecting kernel-headers package, versions *


Severity

Recommended
low

Based on CentOS security rating.

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS9-KERNELHEADERS-9636585
  • published3 Apr 2025
  • disclosed3 Apr 2025

Introduced: 3 Apr 2025

NewCVE-2025-21997  (opens in a new tab)

How to fix?

There is no fixed version for Centos:9 kernel-headers.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-headers package and not the kernel-headers package as distributed by Centos. See How to fix? for Centos:9 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

xsk: fix an integer overflow in xp_create_and_assign_umem()

Since the i and pool->chunk_size variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the same memory area.

Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE.

CVSS Base Scores

version 3.1