CVE-2025-21893

Severity CVSS v4.0:
Pending analysis
Type:
CWE-416 Use After Free
Publication date:
31/03/2025
Last modified:
08/04/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

keys: Fix UAF in key_put()

Once a key's reference count has been reduced to 0, the garbage collector thread may destroy it at any time and so key_put() is not allowed to touch the key after that point. The most key_put() is normally allowed to do is to touch key_gc_work as that's a static global variable.

However, in an effort to speed up the reclamation of quota, this is now done in key_put() once the key's usage is reduced to 0 - but now the code is looking at the key after the deadline, which is forbidden.

Fix this by using a flag to indicate that a key can be gc'd now rather than looking at the key's refcount in the garbage collector.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.10 (including) 6.12.21 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.13 (including) 6.13.9 (excluding)
cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*
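
A check of a `uname -r` style release string against the ranges in the table above, as an added example that is not part of the advisory. The function names and the sample release strings are constructed for illustration. It compares version numbers only, so a vendor kernel that carries the fix under an older version number is still reported as listed.

```python
import re

# Ranges copied from the CPE table above: "From" is inclusive, "Up to" is exclusive.
AFFECTED_RANGES = [((6, 10, 0), (6, 12, 21)), ((6, 13, 0), (6, 13, 9))]
# The 6.14 release candidates that the table lists individually.
AFFECTED_6_14_RCS = {"rc1", "rc2", "rc3", "rc4"}

_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-(rc\d+))?")


def parse_release(release):
    """Split a release string into ((major, minor, patch), rc-or-None)."""
    m = _RELEASE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch, rc = m.groups()
    return (int(major), int(minor), int(patch or 0)), rc


def is_listed_as_affected(release):
    """True if the release falls inside a range or rc entry of the table."""
    version, rc = parse_release(release)
    if rc is not None:
        if version == (6, 14, 0):
            return rc in AFFECTED_6_14_RCS
        # A release candidate sorts before its final release, so the
        # inclusive lower bound of a range becomes exclusive for it.
        return any(lo < version < hi for lo, hi in AFFECTED_RANGES)
    return any(lo <= version < hi for lo, hi in AFFECTED_RANGES)


if __name__ == "__main__":
    # Constructed sample release strings, not taken from real hosts.
    for sample in ("6.9.12", "6.12.20-amd64", "6.12.21", "6.13.8-200.fc41.x86_64",
                   "6.13.9", "6.14.0-rc4", "6.14.0"):
        state = "listed as affected" if is_listed_as_affected(sample) else "not listed"
        print(f"{sample:28} {state}")
```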