CVE-2025-21728

Severity: Medium (CVSS 3.1 base score 5.5) · EPSS 7.5%
Published Feb 27, 2025 · Last modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

bpf: Send signals asynchronously if !preemptible

BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues because this kfunc can sleep. Change `irqs_disabled()` to `!preemptible()`.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 7.5% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Affected Products 9

| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥5.4.33 – <5.4.291 |
| linux | linux_kernel | * | ≥5.5.18 – <5.6 |
| linux | linux_kernel | * | ≥5.6.1 – <5.10.235 |
| linux | linux_kernel | * | ≥5.11 – <5.15.179 |
| linux | linux_kernel | * | ≥5.16 – <6.1.129 |
| linux | linux_kernel | * | ≥6.2 – <6.6.76 |
| linux | linux_kernel | * | ≥6.7 – <6.12.13 |
| linux | linux_kernel | * | ≥6.13 – <6.13.2 |
| linux | linux_kernel | 5.6 | any |

References 12

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-082556.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-265688.html
  • git.kernel.org https://git.kernel.org/stable/c/092fc76b7ab4163e008f9cde596a58dad2108260
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/78b97783496b454435639937db3303e900a24d3f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87c544108b612512b254c8f79aa5c0a8546e2cc4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/be42a09fe898635b0093c0c8dac1bfabe225c240
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ce51eab2070e295d298f42a2f1db269cd1b56d55
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e306eaaa3d78b462db5f5b11e0171f9d2b6ca3f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eeef8e65041a031bd8a747a392c14b76a123a12c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/feba1308bc5e8e04cee751d39fae8a9b407a9034
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/092fc76b7ab4163e008f9cde596a58dad2108260
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/78b97783496b454435639937db3303e900a24d3f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87c544108b612512b254c8f79aa5c0a8546e2cc4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/be42a09fe898635b0093c0c8dac1bfabe225c240
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ce51eab2070e295d298f42a2f1db269cd1b56d55
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e306eaaa3d78b462db5f5b11e0171f9d2b6ca3f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eeef8e65041a031bd8a747a392c14b76a123a12c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/feba1308bc5e8e04cee751d39fae8a9b407a9034
    Patch