- Description
- In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period. io_eventfd_do_signal() is invoked from an RCU callback, but when dropping the reference to the io_ev_fd, it calls io_eventfd_free() directly if the refcount drops to zero. This isn't correct, as any potential freeing of the io_ev_fd should be deferred another RCU grace period. Just call io_eventfd_put() rather than open-code the dec-and-test and free, which will correctly defer it another RCU grace period.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
- Products
- linux_kernel
CVSS 3.1
- Type
- Primary
- Base score
- 4.7
- Impact score
- 3.6
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- nvd@nist.gov
- CWE-416
CVE-2025-21655 RCU Grace Period Fix in Linux Kernel io_uring/eventfd https://t.co/RWSSwtCb67
@VulmonFeeds
20 Jan 2025
(CVE-2025-21655)[io_uring/eventfd]ensure io_eventfd_signal() defers another RCU period https://t.co/n5aMJLsSlw @tehjh (CVE-2025-21633)[io_uring/sqpoll]slab-UAF in thread_group_cputime https://t.co/KjTe9uu0WG https://t.co/pNP1K7yiu2
@xvonfers
20 Jan 2025
CVE-2025-21655 In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is… https://t.co/Jx150Sc9yn
@CVEnew
20 Jan 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44CA08BE-AA91-4D79-9DC6-9ADFFD6C0C4D",
            "versionEndExcluding": "6.1.125",
            "versionStartIncluding": "6.1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33E12097-C88A-45B4-9677-2A961A08DD3E",
            "versionEndExcluding": "6.6.72",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02D604F6-10D1-4F7B-A022-0888406A1121",
            "versionEndExcluding": "6.12.10",
            "versionStartIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]