CVE-2025-21672
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/01/2025
Last modified:
03/02/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
afs: Fix merge preference rule failure condition<br />
<br />
syzbot reported a lock held when returning to userspace[1]. This is<br />
because if argc is less than 0 and the function returns directly, the held<br />
inode lock is not released.<br />
<br />
Fix this by store the error in ret and jump to done to clean up instead of<br />
returning directly.<br />
<br />
[dh: Modified Lizhi Xu&#39;s original patch to make it honour the error code<br />
from afs_split_string()]<br />
<br />
[1]<br />
WARNING: lock held when returning to user space!<br />
6.13.0-rc3-syzkaller-00209-g499551201b5f #0 Not tainted<br />
------------------------------------------------<br />
syz-executor133/5823 is leaving the kernel with locks still held!<br />
1 lock held by syz-executor133/5823:<br />
#0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:818 [inline]<br />
#0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: afs_proc_addr_prefs_write+0x2bb/0x14e0 fs/afs/addr_prefs.c:388
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.12.11 (excluding) | |
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page