← Back to CVE List
CVE-2025-21687
In the Linux kernel, the following vulnerability has been resolved:
vfio/platform: check the bounds of read/write syscalls
count and offset are passed from user space and not checked, only
offset is capped to 40 bits, which can be used to read/write out of
bounds of the device.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt