{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-21694", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-29T08:45:45.743Z", "datePublished": "2025-02-12T13:27:53.763Z", "dateUpdated": "2025-11-03T20:59:17.714Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T13:06:17.218Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: fix softlockup in __read_vmcore (part 2)\n\nSince commit 5cbcb62dddf5 (\"fs/proc: fix softlockup in __read_vmcore\") the\nnumber of softlockups in __read_vmcore at kdump time have gone down, but\nthey still happen sometimes.\n\nIn a memory constrained environment like the kdump image, a softlockup is\nnot just a harmless message, but it can interfere with things like RCU\nfreeing memory, causing the crashdump to get stuck.\n\nThe second loop in __read_vmcore has a lot more opportunities for natural\nsleep points, like scheduling out while waiting for a data write to\nhappen, but apparently that is not always enough.\n\nAdd a cond_resched() to the second loop in __read_vmcore to (hopefully)\nget rid of the softlockups."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/proc/vmcore.c"], "versions": [{"version": "803d5a33d5ffdc2d86dcc0cfa01655a330612cdb", "lessThan": "84c4ed15626574c9ac6c1039ba9c137a77bcc7f2", "status": "affected", "versionType": "git"}, {"version": "70c1835e776c8447c1aca87ddb38cfe764fe756a", "lessThan": "80da29deb88a3a907441fc35bb7bac309f31e713", "status": "affected", "versionType": "git"}, {"version": "e1b160a50c756e0efbea290b9bf5117cb80e8c4b", "lessThan": "649b266606bc413407ce315f710c8ce8a88ee30a", "status": "affected", "versionType": "git"}, {"version": "a373ad833a6bfe4bc6cedcf7e56a99cc6fd9a193", "lessThan": "65c367bd9d4f43513c7f837df5753bea9561b836", "status": "affected", "versionType": "git"}, {"version": "518fbd644dabb6aedbdd4939c6c9cc1bf651459f", "lessThan": "a5a2ee8144c3897d37403a69118c3e3dc5713958", "status": "affected", "versionType": "git"}, {"version": "5cbcb62dddf5346077feb82b7b0c9254222d3445", "lessThan": "80828540dad0757b6337c6561d49c81038f38d87", "status": "affected", "versionType": "git"}, {"version": "5cbcb62dddf5346077feb82b7b0c9254222d3445", "lessThan": "cbc5dde0a461240046e8a41c43d7c3b76d5db952", "status": "affected", "versionType": "git"}, {"version": "7bdf1d550ddfcd9ab797087421f77b7aceddc8a7", "status": "affected", "versionType": "git"}, {"version": "e8780e8a0e25dc4c3927f611ec8970d26c0c7369", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/proc/vmcore.c"], "versions": [{"version": "6.10", "status": "affected"}, {"version": "0", "lessThan": "6.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.290", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.234", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.177", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.127", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.74", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.11", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.279", "versionEndExcluding": "5.4.290"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.221", "versionEndExcluding": "5.10.234"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.162", "versionEndExcluding": "5.15.177"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.95", "versionEndExcluding": "6.1.127"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.35", "versionEndExcluding": "6.6.74"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.10", "versionEndExcluding": "6.12.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.10", "versionEndExcluding": "6.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.317"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.9.6"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2"}, {"url": "https://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713"}, {"url": "https://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a"}, {"url": "https://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836"}, {"url": "https://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958"}, {"url": "https://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87"}, {"url": "https://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952"}], "title": "fs/proc: fix softlockup in __read_vmcore (part 2)", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-21694", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T20:08:56.110006Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T20:17:06.985Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:59:17.714Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBCC7CEA-15C0-47C4-8D3B-10F7FF0BEBA3", "versionEndExcluding": "4.20", "versionStartIncluding": "4.19.317", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "34F4B425-5BC9-41A8-A854-76462A933A22", "versionEndExcluding": "5.4.290", "versionStartIncluding": "5.4.279", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F56C8BB3-6F28-497B-AD0A-FB567EAAC3E4", "versionEndExcluding": "5.10.234", "versionStartIncluding": "5.10.221", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A98310AE-F6B9-42BC-80BA-919A4ADE77E7", "versionEndExcluding": "5.15.177", "versionStartIncluding": "5.15.162", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "96A4B1CA-339F-4E20-B649-CD4A34DDF077", "versionEndExcluding": "6.1.127", "versionStartIncluding": "6.1.95", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "52E9209F-1721-467F-9588-38F544C837A0", "versionEndExcluding": "6.6.74", "versionStartIncluding": "6.6.35", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8AF64430-37DA-41A5-A630-9BAC600DC51D", "versionEndExcluding": "6.12.11", "versionStartIncluding": "6.9.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*", "matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*", "matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*", "matchCriteriaId": "8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc7:*:*:*:*:*:*", "matchCriteriaId": "5DFCDFB8-4FD0-465A-9076-D813D78FE51B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: fix softlockup in __read_vmcore (part 2)\n\nSince commit 5cbcb62dddf5 (\"fs/proc: fix softlockup in __read_vmcore\") the\nnumber of softlockups in __read_vmcore at kdump time have gone down, but\nthey still happen sometimes.\n\nIn a memory constrained environment like the kdump image, a softlockup is\nnot just a harmless message, but it can interfere with things like RCU\nfreeing memory, causing the crashdump to get stuck.\n\nThe second loop in __read_vmcore has a lot more opportunities for natural\nsleep points, like scheduling out while waiting for a data write to\nhappen, but apparently that is not always enough.\n\nAdd a cond_resched() to the second loop in __read_vmcore to (hopefully)\nget rid of the softlockups."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/proc: fix softlockup in __read_vmcore (parte 2) Desde el commit 5cbcb62dddf5 (\"fs/proc: fix softlockup in __read_vmcore\"), la cantidad de softlockups en __read_vmcore en el momento de kdump ha disminuido, pero a\u00fan ocurren a veces. En un entorno con restricciones de memoria como la imagen kdump, un softlockup no es solo un mensaje inofensivo, sino que puede interferir con cosas como la liberaci\u00f3n de memoria por parte de RCU, lo que hace que el crashdump se quede atascado. El segundo bucle en __read_vmcore tiene muchas m\u00e1s oportunidades para puntos de suspensi\u00f3n naturales, como programar la salida mientras se espera que se escriban datos, pero aparentemente eso no siempre es suficiente. Agregue un cond_resched() al segundo bucle en __read_vmcore para (con suerte) deshacerse de los softlockups."}], "id": "CVE-2025-21694", "lastModified": "2025-11-03T21:19:08.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-02-12T14:15:32.463", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2025:6966", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-570.12.1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:6966", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-570.12.1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}], "bugzilla": {"description": "kernel: fs/proc: fix softlockup in __read_vmcore (part 2)", "id": "2345243", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345243"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nfs/proc: fix softlockup in __read_vmcore (part 2)\nSince commit 5cbcb62dddf5 (\"fs/proc: fix softlockup in __read_vmcore\") the\nnumber of softlockups in __read_vmcore at kdump time have gone down, but\nthey still happen sometimes.\nIn a memory constrained environment like the kdump image, a softlockup is\nnot just a harmless message, but it can interfere with things like RCU\nfreeing memory, causing the crashdump to get stuck.\nThe second loop in __read_vmcore has a lot more opportunities for natural\nsleep points, like scheduling out while waiting for a data write to\nhappen, but apparently that is not always enough.\nAdd a cond_resched() to the second loop in __read_vmcore to (hopefully)\nget rid of the softlockups."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-21694", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-21694\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21694\nhttps://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a\nhttps://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836\nhttps://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87\nhttps://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713\nhttps://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2\nhttps://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958\nhttps://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952"], "statement": "The security impact is limited, because actual only for kdump and the result is softlockup.", "threat_severity": "Low"}

{}