Vulnerabilities > CVE-2025-21785 - Unspecified vulnerability in Linux Kernel 6.14

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

linux

NVD

Published: 2025-02-27

Updated: 2025-02-27

Summary

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 6.14 Linux Linux Kernel *	3

References

https://git.kernel.org/stable/c/4ff25f0b18d1d0174c105e4620428bcdc1213860
https://git.kernel.org/stable/c/67b99a2b5811df4294c2ad50f9bff3b6a08bd618
https://git.kernel.org/stable/c/715eb1af64779e1b1aa0a7b2ffb81414d9f708e5
https://git.kernel.org/stable/c/875d742cf5327c93cba1f11e12b08d3cce7a88d2
https://git.kernel.org/stable/c/ab90894f33c15b14c1cee6959ab6c8dcb09127f8