CVE-2025-21988
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
fs/netfs/read_collect: add to next->prev_donated
If multiple subrequests donate data to the same "next" request
(depending on the subrequest completion order), each of them would
overwrite the prev_donated field, causing data corruption and a
BUG() crash ("Can't donate prior to front").
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ee4cdf7ba857a894ad1650d6ab77669cbbfa329e < 62b9ad7e52d4777f7e775ee1f0ad2452f6041024 | affected |
| Linux | Linux | ee4cdf7ba857a894ad1650d6ab77669cbbfa329e < e25cec3b76aba47a49138d2162fc809c6cd49c9e | affected |
| Linux | Linux | ee4cdf7ba857a894ad1650d6ab77669cbbfa329e < e2d46f2ec332533816417b60933954173f602121 | affected |
| Linux | Linux | 6.12 | affected |
| Linux | Linux | 0 < 6.12 | unaffected |
| Linux | Linux | 6.12.20 <= 6.12.* | unaffected |
| Linux | Linux | 6.13.8 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/62b9ad7e52d4777f7e775ee1f0ad2452f6041024
- https://git.kernel.org/stable/c/e25cec3b76aba47a49138d2162fc809c6cd49c9e
- https://git.kernel.org/stable/c/e2d46f2ec332533816417b60933954173f602121
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.