CVE-2025-21648
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_
CVSS
5.5
Medio
EPSS
0.2%
p12
KEV
—
Exploit Today
4
0-100
Publicado: 19 ene 2025 · Última mod.: 14 jul 2026
0.2%EPSS · 30 días0.2%
2026-06-302026-07-17
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. See: 0708a0afe291 ("mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls") Note: hashtable resize is only possible from init_netns.
- git.kernel.orghttps://git.kernel.org/stable/c/5552b4fd44be3393b930434a7845d8d95a2a3c33
- git.kernel.orghttps://git.kernel.org/stable/c/a965f7f0ea3ae61b9165bed619d5d6da02c75f80
- git.kernel.orghttps://git.kernel.org/stable/c/b1b2353d768f1b80cd7fe045a70adee576b9b338
- git.kernel.orghttps://git.kernel.org/stable/c/b541ba7d1f5a5b7b3e2e22dc9e40e18a7d6dbc13
- git.kernel.orghttps://git.kernel.org/stable/c/d5807dd1328bbc86e059c5de80d1bbee9d58ca3d
- git.kernel.orghttps://git.kernel.org/stable/c/f559357d035877b9d0dcd273e0ff83e18e1d46aa
- lists.debian.orghttps://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- lists.debian.orghttps://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- cert-portal.siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-019113.html
- cert-portal.siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-265688.html
Sin CVEs relacionados por CWE o producto.