CVE-2025-21694

Severity Medium
CVSS 3.1 Base Score 5.5
EPSS 11.9%
Published Feb 12, 2025
Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

fs/proc: fix softlockup in __read_vmcore (part 2)

Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the number of softlockups in __read_vmcore at kdump time have gone down, but they still happen sometimes.

In a memory constrained environment like the kdump image, a softlockup is not just a harmless message, but it can interfere with things like RCU freeing memory, causing the crashdump to get stuck.

The second loop in __read_vmcore has a lot more opportunities for natural sleep points, like scheduling out while waiting for a data write to happen, but apparently that is not always enough.

Add a cond_resched() to the second loop in __read_vmcore to (hopefully) get rid of the softlockups.

CVSS Details

Base Score 5.5
Exploitability 1.8
Impact 3.6
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
11.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 14

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.19.317 – <4.20
linux   linux_kernel  *        ≥5.4.279 – <5.4.290
linux   linux_kernel  *        ≥5.10.221 – <5.10.234
linux   linux_kernel  *        ≥5.15.162 – <5.15.177
linux   linux_kernel  *        ≥6.1.95 – <6.1.127
linux   linux_kernel  *        ≥6.6.35 – <6.6.74
linux   linux_kernel  *        ≥6.9.6 – <6.12.11
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any

References 12

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-265688.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-355557.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-398330.html
  • git.kernel.org https://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952
    Patch