CVE-2025-40021

Summary

In the Linux kernel, the following vulnerability has been resolved:

tracing: dynevent: Add a missing lockdown check on dynevent

Since dynamic_events interface on tracefs is compatible with kprobe_events and uprobe_events, it should also check the lockdown status and reject if it is set.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 < f3ac1f4eaba58e57943efa3e8b8d71fa7aab0abfaffected
LinuxLinux17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 < 0d41604d2d53c1abe27fefb54b37a8f6642a4d74affected
LinuxLinux17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 < 07b1f63b5f86765793fab44d3d4c2be681cddafbaffected
LinuxLinux17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 < 3887f3814c0e770e6b73567fe0f83a2c01a6470caffected
LinuxLinux17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 < 573b1e39edfcb7b4eecde0f1664455a1f4462eeeaffected
LinuxLinux17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 < b47c4e06687a5a7b6c6ef4bd303fcfe4430b26bbaffected
LinuxLinux17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 < 456c32e3c4316654f95f9d49c12cbecfb77d5660affected
LinuxLinux5.4affected
LinuxLinux0 < 5.4unaffected
LinuxLinux5.10.245 <= 5.10.*unaffected
LinuxLinux5.15.194 <= 5.15.*unaffected
LinuxLinux6.1.155 <= 6.1.*unaffected
LinuxLinux6.6.109 <= 6.6.*unaffected
LinuxLinux6.12.50 <= 6.12.*unaffected
LinuxLinux6.16.10 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References