{"id":"CVE-2025-21826","summary":"netfilter: nf_tables: reject mismatching sum of field_len with set key length","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject mismatching sum of field_len with set key length\n\nThe field length description provides the length of each separated key\nfield in the concatenation, each field gets rounded up to 32-bits to\ncalculate the pipapo rule width from pipapo_init(). The set key length\nprovides the total size of the key aligned to 32-bits.\n\nRegister-based arithmetics still allows for combining mismatching set\nkey length and field length description, eg. set key length 10 and field\ndescription [ 5, 4 ] leading to pipapo width of 12.","modified":"2026-04-02T12:45:14.812001Z","published":"2025-03-06T16:04:32.274Z","related":["ALSA-2025:20095","ALSA-2025:20518","USN-7521-2"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21826.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1b9335a8000fb70742f7db10af314104b6ace220"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2ac254343d3cf228ae0738b2615fedf85d000752"},{"type":"WEB","url":"https://git.kernel.org/stable/c/49b7182b97bafbd5645414aff054b4a65d05823d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5083a7ae45003456c253e981b30a43f71230b4a3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6b467c8feac759f4c5c86d708beca2aa2b29584f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/82e491e085719068179ff6a5466b7387cc4bbf32"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ab50d0eff4a939d20c37721fd9766347efcdb6f6"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21826.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21826"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2d4c0798a1ef8db15b3277697ac2def4eda42312"},{"fixed":"6b467c8feac759f4c5c86d708beca2aa2b29584f"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"77be8c495a3f841e88b46508cc20d3d7d3289da3"},{"fixed":"5083a7ae45003456c253e981b30a43f71230b4a3"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9cb084df01e198119de477ac691d682fb01e80f3"},{"fixed":"2ac254343d3cf228ae0738b2615fedf85d000752"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"dc45bb00e66a33de1abb29e3d587880e1d4d9a7e"},{"fixed":"82e491e085719068179ff6a5466b7387cc4bbf32"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3ce67e3793f48c1b9635beb9bb71116ca1e51b58"},{"fixed":"49b7182b97bafbd5645414aff054b4a65d05823d"},{"fixed":"ab50d0eff4a939d20c37721fd9766347efcdb6f6"},{"fixed":"1b9335a8000fb70742f7db10af314104b6ace220"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"ff67e3e488090908dc015ba04d7407d8bd467f7e"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21826.json"}}],"schema_version":"1.7.5"}