How severe is CVE-2025-21711?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2025-21711?

This is classified as CWE-190, which is a common weakness in software security.

CVE-2025-21711 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in rose_setsockopt() In case of possible unpredictably large arguments passed to rose_setsockopt() and multiplied by extra values on top of that, integer overflows may occur. Do the safest minimum and fix these issues by checking the contents of 'opt' and returning -EINVAL if they are too large. Also, switch to unsigned int and remove useless check for negative 'opt' in ROSE_IDLE case.

Related Vulnerabilities

CVE-2011-4097

MEDIUM

CVSS:5.5(Medium)

Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termin...

CWE-1902011

CVE-2012-0038

MEDIUM

CVSS:5.5(Medium)

Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, l...

CWE-1902012

CVE-2015-1526

MEDIUM

CVSS:5.5(Medium)

The media_server component in Android allows remote attackers to cause a denial of service via a crafted application.

CWE-1902015

CVE-2015-4645

MEDIUM

CVSS:5.5(Medium)

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which tri...

CWE-1902015

CVE-2015-8933

MEDIUM

CVSS:5.5(Medium)

Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted...

CWE-1902015

CVE-2016-3712

MEDIUM

CVSS:5.5(Medium)

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

CWE-1902016