Linux Kernel Security Update Advisory (CVE-2025-21692)

Overview

We have released a security update to address a vulnerability in the Linux kernel. Affected product users are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-21692

 

Linux Kernel Version: 5.6 and later

 

 

Resolved Vulnerabilities

 

Index Overrange Vulnerability in ETS Qdisc in the Linux Kernel (CVE-2025-21692)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

 

CVE-2025-21692

 

Linux Kernel Version: 5.10.234
Linux Kernel Version: 5.15.178
Linux Kernel Version: 6.1.128
Linux Kernel Version: 6.6.75
Linux Kernel Version: 6.12.12
Linux Kernel Version: 6.13.1
Linux Kernel Version: 6.14-rc1

 

 

References

 

[1] net: sched: fix ets qdisc OOB Indexing
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=03c56665dab1f4ac844bc15..
[2] CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing
https://lore.kernel.org/linux-cve-announce/2025021056-CVE-2025-21692-9c7f@gregkh/T/#u
[3] cve-2025-21692
https://security-tracker.debian.org/tracker/CVE-2025-21692
[4] cve-2025-21692
https://explore.alas.aws.amazon.com/CVE-2025-21692.html
[5] cve-2025-21692
https://ubuntu.com/security/CVE-2025-21692
[6] cve-2025-21692
https://access.redhat.com/security/cve/cve-2025-21692