NuytsTech Security

CVE-2025-21772

by ·

In the Linux kernel, the following vulnerability has been resolved:

partitions: mac: fix handling of bogus partition table

Fix several issues in partition probing:

– The bailout for a bad partoffset must use put_dev_sector(), since the
preceding read_part_sector() succeeded.
– If the partition table claims a silly sector size like 0xfff bytes
(which results in partition table entries straddling sector boundaries),
bail out instead of accessing out-of-bounds memory.
– We must not assume that the partition table contains proper NUL
termination – use strnlen() and strncmp() instead of strlen() and
strcmp().

More information : https://git.kernel.org/stable/c/213ba5bd81b7e97ac6e6190b8f3bc6ba76123625

Tags: