
CVE-2025-21993 Detail

Description

In the Linux kernel, the following vulnerability has been resolved:

iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()

When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix length is 64, this causes the shift exponent to become negative, triggering a UBSAN warning. As the concept of a subnet mask does not apply to IPv6, the value is set to ~0 to suppress the warning message.
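The arithmetic behind the description, as an added user-space example (not the kernel's code and not part of the NVD record): a prefix-to-netmask conversion with the guard the description mentions, returning ~0 when the prefix length exceeds 32. All function names are hypothetical, the sample prefix lengths are constructed, and the prefix 0 case is handled as an extra assumption beyond what the record states.

```c
#include <stdint.h>
#include <stdio.h>

/* Exponent that a naive "1 << (32 - prefix)" mask computation would use. */
static int naive_shift_exponent(unsigned prefix_len)
{
    return 32 - (int)prefix_len;
}

/* 1 when that shift on a 32-bit int is undefined behaviour in C
 * (negative exponent, or exponent >= the width of the type). */
static int naive_shift_is_undefined(unsigned prefix_len)
{
    int e = naive_shift_exponent(prefix_len);
    return e < 0 || e >= 32;
}

/* Guarded conversion, host byte order. Prefix lengths above 32 (for
 * example an IPv6 /64) have no IPv4 netmask, so return ~0 as described. */
static uint32_t prefix_to_mask(unsigned prefix_len)
{
    if (prefix_len > 32)
        return ~UINT32_C(0);
    if (prefix_len == 0)          /* assumption: /0 maps to an empty mask */
        return 0;
    return ~((UINT32_C(1) << (32 - prefix_len)) - 1);
}

/* Render the mask as a dotted quad; returns the snprintf() length. */
static int format_mask(char *buf, size_t len, unsigned prefix_len)
{
    uint32_t m = prefix_to_mask(prefix_len);
    return snprintf(buf, len, "%u.%u.%u.%u",
                    (unsigned)(m >> 24), (unsigned)((m >> 16) & 0xff),
                    (unsigned)((m >> 8) & 0xff), (unsigned)(m & 0xff));
}

int main(void)
{
    const unsigned samples[] = { 0, 24, 32, 64 };   /* constructed inputs */
    char buf[16];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        format_mask(buf, sizeof buf, samples[i]);
        printf("/%u exponent=%d naive_undefined=%d mask=%s\n", samples[i],
               naive_shift_exponent(samples[i]),
               naive_shift_is_undefined(samples[i]), buf);
    }
    return 0;
}
```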


Metrics

CVSS 4.0 Severity and Vector Strings:

NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools


Hyperlink Resource
https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5 Patch 
https://git.kernel.org/stable/c/2d1eef248107bdf3d5a69d0fde04c30a79a7bf5d Patch 
https://git.kernel.org/stable/c/9bfa80c8aa4e06dff55a953c3fffbfc68a3a3b1c Patch 
https://git.kernel.org/stable/c/a858cd58dea06cf85b142673deea8c5d87f11e70 Patch 
https://git.kernel.org/stable/c/b253660fac5e0e9080d2c95e3a029e1898d49afb Patch 
https://git.kernel.org/stable/c/b388e185bfad32bfed6a97a6817f74ca00a4318f Patch 
https://git.kernel.org/stable/c/c1c6e527470e5eab0b2d57bd073530fbace39eab Patch 
https://git.kernel.org/stable/c/f763c82db8166e28f45b7cc4a5398a7859665940 Patch 

Weakness Enumeration

CWE-ID    CWE Name              Source
CWE-125   Out-of-bounds Read    NIST


Change History

3 change records found

Quick Info

CVE Dictionary Entry: CVE-2025-21993
NVD Published Date: 04/02/2025
NVD Last Modified: 04/10/2025
Source: kernel.org