CVE-2025-21745

Summary

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: Fix class @block_class's subsystem refcount leakage

blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exit(), so causes the class's subsystem refcount leakage.

Fix by ending the iterating with class_dev_iter_exit().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxef45fe470e1e5410db4af87abc5d5055427945ac < ffb494f1e7a047bd7a41b13796fcfb08fe5beafbaffected
LinuxLinuxef45fe470e1e5410db4af87abc5d5055427945ac < 38287f779b34dfe959b4b681e909f2d3d52b88beaffected
LinuxLinuxef45fe470e1e5410db4af87abc5d5055427945ac < 431b6ef2714be4d5babb802114987541a88b43b0affected
LinuxLinuxef45fe470e1e5410db4af87abc5d5055427945ac < 993121481b5a87829f1e8163f47158b72679f309affected
LinuxLinuxef45fe470e1e5410db4af87abc5d5055427945ac < 2ce09aabe009453d641a2ceb79e6461a2d4f3876affected
LinuxLinuxef45fe470e1e5410db4af87abc5d5055427945ac < 67c7f213e052b1aa6caba4a7e25e303bc6997126affected
LinuxLinuxef45fe470e1e5410db4af87abc5d5055427945ac < d1248436cbef1f924c04255367ff4845ccd9025eaffected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.235 <= 5.10.*unaffected
LinuxLinux5.15.179 <= 5.15.*unaffected
LinuxLinux6.1.129 <= 6.1.*unaffected
LinuxLinux6.6.78 <= 6.6.*unaffected
LinuxLinux6.12.14 <= 6.12.*unaffected
LinuxLinux6.13.3 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

Additional References

References