U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2025-21826 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits. Register-based arithmetics still allows for combining mismatching set key length and field length description, eg. set key length 10 and field description [ 5, 4 ] leading to pipapo width of 12.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/1b9335a8000fb70742f7db10af314104b6ace220 kernel.org
https://git.kernel.org/stable/c/2ac254343d3cf228ae0738b2615fedf85d000752 kernel.org
https://git.kernel.org/stable/c/49b7182b97bafbd5645414aff054b4a65d05823d kernel.org
https://git.kernel.org/stable/c/5083a7ae45003456c253e981b30a43f71230b4a3 kernel.org
https://git.kernel.org/stable/c/6b467c8feac759f4c5c86d708beca2aa2b29584f kernel.org
https://git.kernel.org/stable/c/82e491e085719068179ff6a5466b7387cc4bbf32 kernel.org
https://git.kernel.org/stable/c/ab50d0eff4a939d20c37721fd9766347efcdb6f6 kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2025-21826
NVD Published Date:
03/06/2025
NVD Last Modified:
03/13/2025
Source:
kernel.org