CVE-2025-21804

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()<br /> <br /> The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()<br /> macro to request a needed resource. A string variable that lives on the<br /> stack is then used to store a dynamically computed resource name, which<br /> is then passed on as one of the macro arguments. This can lead to<br /> undefined behavior.<br /> <br /> Depending on the current contents of the memory, the manifestations of<br /> errors may vary. One possible output may be as follows:<br /> <br /> $ cat /proc/iomem<br /> 30000000-37ffffff :<br /> 38000000-3fffffff :<br /> <br /> Sometimes, garbage may appear after the colon.<br /> <br /> In very rare cases, if no NULL-terminator is found in memory, the system<br /> might crash because the string iterator will overrun which can lead to<br /> access of unmapped memory above the stack.<br /> <br /> Thus, fix this by replacing outbound_name with the name of the previously<br /> requested resource. With the changes applied, the output will be as<br /> follows:<br /> <br /> $ cat /proc/iomem<br /> 30000000-37ffffff : memory2<br /> 38000000-3fffffff : memory3<br /> <br /> [kwilczynski: commit log]