CVE-2025-21690

MEDIUM EPSS 10.2%
Published Feb 10, 2025 (1y ago) · Modified Jun 17, 2026 (2w ago)
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: storvsc: Ratelimit warning logs to prevent VM denial of service

If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preventing troubleshooting from the VM side. Ratelimit the warning so it doesn't DoS the VM.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
10.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-770

Affected Products 12

Vendor  Product       Version  Range
linux   linux_kernel  *        <5.15.178
linux   linux_kernel  *        ≥5.16 – <6.1.128
linux   linux_kernel  *        ≥6.2 – <6.6.75
linux   linux_kernel  *        ≥6.7 – <6.12.12
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/01d1ebdab9ccb73c952e1666a8a80abd194dbc55
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/088bde862f8d3d0fc52e40e66a0484a246837087
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/182a4b7c731e95c08cb47f14b87a272b6ab2b2da
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/81d4dd05c412ba04f9f6b85b718e6da833be290c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0f0af1bafef33b3e2aa8c3a4ef44db48df9b0ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d2138eab8cde61e0e6f62d0713e45202e8457d6d
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/01d1ebdab9ccb73c952e1666a8a80abd194dbc55
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/088bde862f8d3d0fc52e40e66a0484a246837087
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/182a4b7c731e95c08cb47f14b87a272b6ab2b2da
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/81d4dd05c412ba04f9f6b85b718e6da833be290c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0f0af1bafef33b3e2aa8c3a4ef44db48df9b0ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d2138eab8cde61e0e6f62d0713e45202e8457d6d
    Patch