CVE-2025-21633

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-21633
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

20 May 2025, 14:15

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Summary
  • (es) En kernel de linux, se ha resuelto la siguiente vulnerabilidad: io_uring/sqpoll: cero errores sqd->thread en tctx Syzkeller informa: BUG: KASAN: slab-use-after-free in thread_group_cputime+0x409/0x700 kernel/sched/cputime.c:341 Read of size 8 at addr ffff88803578c510 by task syz.2.3223/27552 Call Trace: ... kasan_report+0x143/0x180 mm/kasan/report.c:602 thread_group_cputime+0x409/0x700 kernel/sched/cputime.c:341 thread_group_cputime_adjusted+0xa6/0x340 kernel/sched/cputime.c:639 getrusage+0x1000/0x1340 kernel/sys.c:1863 io_uring_show_fdinfo+0xdfe/0x1770 io_uring/fdinfo.c:197 seq_show+0x608/0x770 fs/proc/fd.c:68... Esto se debe a que sqd->task no se borra correctamente en los casos en que falla la configuración de tctx de la tarea SQPOLL, lo que esencialmente solo puede ocurrir con errores de inyección de errores en la asignación de insertos.
Summary (en) In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: zero sqd->thread on tctx errors Syzkeller reports: BUG: KASAN: slab-use-after-free in thread_group_cputime+0x409/0x700 kernel/sched/cputime.c:341 Read of size 8 at addr ffff88803578c510 by task syz.2.3223/27552 Call Trace: <TASK> ... kasan_report+0x143/0x180 mm/kasan/report.c:602 thread_group_cputime+0x409/0x700 kernel/sched/cputime.c:341 thread_group_cputime_adjusted+0xa6/0x340 kernel/sched/cputime.c:639 getrusage+0x1000/0x1340 kernel/sys.c:1863 io_uring_show_fdinfo+0xdfe/0x1770 io_uring/fdinfo.c:197 seq_show+0x608/0x770 fs/proc/fd.c:68 ... That's due to sqd->task not being cleared properly in cases where SQPOLL task tctx setup fails, which can essentially only happen with fault injection to insert allocation errors. (en) Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CWE CWE-416
CVSS v2 : unknown
v3 : 7.8 		v2 : unknown
v3 : unknown
References
  • {'url': 'https://git.kernel.org/stable/c/4b7cfa8b6c28a9fa22b86894166a1a34f6d630ba', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/aa7496d668c30ca7421b3bfdcd948ee861a13d17', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}

24 Mar 2025, 17:40

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/4b7cfa8b6c28a9fa22b86894166a1a34f6d630ba - () https://git.kernel.org/stable/c/4b7cfa8b6c28a9fa22b86894166a1a34f6d630ba - Patch
References () https://git.kernel.org/stable/c/aa7496d668c30ca7421b3bfdcd948ee861a13d17 - () https://git.kernel.org/stable/c/aa7496d668c30ca7421b3bfdcd948ee861a13d17 - Patch
CPE cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

13 Feb 2025, 14:16

Type Values Removed Values Added
CWE CWE-416
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
Summary
  • (es) En kernel de linux, se ha resuelto la siguiente vulnerabilidad: io_uring/sqpoll: cero errores sqd-&gt;thread en tctx Syzkeller informa: BUG: KASAN: slab-use-after-free in thread_group_cputime+0x409/0x700 kernel/sched/cputime.c:341 Read of size 8 at addr ffff88803578c510 by task syz.2.3223/27552 Call Trace: ... kasan_report+0x143/0x180 mm/kasan/report.c:602 thread_group_cputime+0x409/0x700 kernel/sched/cputime.c:341 thread_group_cputime_adjusted+0xa6/0x340 kernel/sched/cputime.c:639 getrusage+0x1000/0x1340 kernel/sys.c:1863 io_uring_show_fdinfo+0xdfe/0x1770 io_uring/fdinfo.c:197 seq_show+0x608/0x770 fs/proc/fd.c:68... Esto se debe a que sqd-&gt;task no se borra correctamente en los casos en que falla la configuración de tctx de la tarea SQPOLL, lo que esencialmente solo puede ocurrir con errores de inyección de errores en la asignación de insertos.

19 Jan 2025, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-01-19 11:15

Updated : 2025-05-20 14:15

NVD link : CVE-2025-21633

Mitre link : CVE-2025-21633

CVE.ORG link : CVE-2025-21633

JSON object : View

Products Affected

No product.

CWE

No CWE.