CVE-2025-21694
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix softlockup in __read_vmcore (part 2)
Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the number of softlockups in __read_vmcore at kdump time have gone down, but they still happen sometimes.
In a memory constrained environment like the kdump image, a softlockup is not just a harmless message, but it can interfere with things like RCU freeing memory, causing the crashdump to get stuck.
The second loop in __read_vmcore has a lot more opportunities for natural sleep points, like scheduling out while waiting for a data write to happen, but apparently that is not always enough.
Add a cond_resched() to the second loop in __read_vmcore to (hopefully) get rid of the softlockups.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 803d5a33d5ffdc2d86dcc0cfa01655a330612cdb < 84c4ed15626574c9ac6c1039ba9c137a77bcc7f2 | affected |
| Linux | Linux | 70c1835e776c8447c1aca87ddb38cfe764fe756a < 80da29deb88a3a907441fc35bb7bac309f31e713 | affected |
| Linux | Linux | e1b160a50c756e0efbea290b9bf5117cb80e8c4b < 649b266606bc413407ce315f710c8ce8a88ee30a | affected |
| Linux | Linux | a373ad833a6bfe4bc6cedcf7e56a99cc6fd9a193 < 65c367bd9d4f43513c7f837df5753bea9561b836 | affected |
| Linux | Linux | 518fbd644dabb6aedbdd4939c6c9cc1bf651459f < a5a2ee8144c3897d37403a69118c3e3dc5713958 | affected |
| Linux | Linux | 5cbcb62dddf5346077feb82b7b0c9254222d3445 < 80828540dad0757b6337c6561d49c81038f38d87 | affected |
| Linux | Linux | 5cbcb62dddf5346077feb82b7b0c9254222d3445 < cbc5dde0a461240046e8a41c43d7c3b76d5db952 | affected |
| Linux | Linux | 7bdf1d550ddfcd9ab797087421f77b7aceddc8a7 | affected |
| Linux | Linux | e8780e8a0e25dc4c3927f611ec8970d26c0c7369 | affected |
| Linux | Linux | 5.4.279 < 5.4.290 | affected |
| Linux | Linux | 5.10.221 < 5.10.234 | affected |
| Linux | Linux | 5.15.162 < 5.15.177 | affected |
| Linux | Linux | 6.1.95 < 6.1.127 | affected |
| Linux | Linux | 6.6.35 < 6.6.74 | affected |
| Linux | Linux | 4.19.317 < 4.20 | affected |
| Linux | Linux | 6.9.6 < 6.10 | affected |
| Linux | Linux | 6.10 | affected |
| Linux | Linux | 0 < 6.10 | unaffected |
| Linux | Linux | 5.4.290 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.234 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.177 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.127 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.74 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.11 <= 6.12.* | unaffected |
| Linux | Linux | 6.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-398330.html
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-355557.html
References
- https://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2
- https://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713
- https://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a
- https://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836
- https://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958
- https://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87
- https://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.