Login Sign Up

CVE-2025-21993

7.1 HIGH

📋 TL;DR

This CVE addresses an undefined behavior shift-out-of-bounds vulnerability in the Linux kernel's iSCSI iBFT driver when using IPv6. The vulnerability triggers a UBSAN warning during iSCSI boot operations but does not allow arbitrary code execution. Systems using iSCSI boot with IPv6 on affected Linux kernel versions are impacted.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches exist for multiple stable branches
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems using iSCSI boot with IPv6 configuration. Most systems using traditional IPv4 iSCSI boot are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system instability due to undefined behavior during iSCSI boot process, potentially causing boot failures or system crashes.

🟠

Likely Case

UBSAN warning messages in kernel logs during iSCSI boot with IPv6, but no actual exploitation or system compromise.

🟢

If Mitigated

Minor logging noise with no security impact when proper kernel patches are applied.

🌐 Internet-Facing: LOW - This vulnerability requires local iSCSI boot operations and is not remotely exploitable.
🏢 Internal Only: LOW - Even internally, this requires specific iSCSI boot configurations with IPv6 and only produces warning messages.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

This is a UBSAN warning/undefined behavior issue, not a traditional security vulnerability that can be weaponized for code execution or privilege escalation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with fixes available (see git.kernel.org references)

Vendor Advisory: https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify fix by checking kernel version and attempting iSCSI boot with IPv6.

🔧 Temporary Workarounds

Use IPv4 for iSCSI boot

linux

Configure iSCSI boot to use IPv4 instead of IPv6 to avoid triggering the shift-out-of-bounds condition

Modify iSCSI boot configuration to use IPv4 addresses

Disable UBSAN warnings

linux

Suppress UBSAN warnings at kernel boot (not recommended for production)

Add 'ubsan_handle=ignore' to kernel boot parameters

🧯 If You Can't Patch

  • Avoid using IPv6 for iSCSI boot operations
  • Monitor kernel logs for UBSAN warnings and ensure systems remain stable

🔍 How to Verify

Check if Vulnerable:

Check kernel logs for UBSAN warnings during iSCSI boot with IPv6: 'dmesg | grep -i ubsan' or 'journalctl -k | grep -i ubsan'

Check Version:

uname -r

Verify Fix Applied:

After patching, perform iSCSI boot with IPv6 and verify no UBSAN warnings appear in kernel logs

📡 Detection & Monitoring

Log Indicators:

  • UBSAN: shift-out-of-bounds warnings in kernel logs
  • Messages referencing ibft_attr_show_nic() or iSCSI boot

Network Indicators:

  • IPv6 iSCSI boot traffic to affected systems

SIEM Query:

source="kernel" AND "UBSAN" AND "shift-out-of-bounds"

📊 Metadata

CVE ID: CVE-2025-21993
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: CWE-125
EPSS Score: 0.06% exploit probability (18.5th percentile)
Published: April 2, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-21993, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)