CVE-2025-21694

fs/proc: fix softlockup in __read_vmcore (part 2)

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the
number of softlockups in __read_vmcore at kdump time have gone down, but
they still happen sometimes. In a memory constrained environment like the kdump image, a softlockup is
not just a harmless message, but it can interfere with things like RCU
freeing memory, causing the crashdump to get stuck. The second loop in __read_vmcore has a lot more opportunities for natural
sleep points, like scheduling out while waiting for a data write to
happen, but apparently that is not always enough. Add a cond_resched() to the second loop in __read_vmcore to (hopefully)
get rid of the softlockups.

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the number of softlockups in __read_vmcore at kdump time have gone down, but they still happen sometimes. In a memory constrained environment like the kdump image, a softlockup is not just a harmless message, but it can interfere with things like RCU freeing memory, causing the crashdump to get stuck. The second loop in __read_vmcore has a lot more opportunities for natural sleep points, like scheduling out while waiting for a data write to happen, but apparently that is not always enough. Add a cond_resched() to the second loop in __read_vmcore to (hopefully) get rid of the softlockups.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-12 CVE Published
2025-02-12 CVE Updated
2025-02-15 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (15)

URL	Tag	Source
https://git.kernel.org/stable/c/803d5a33d5ffdc2d86dcc0cfa01655a330612cdb	Vuln. Introduced
https://git.kernel.org/stable/c/70c1835e776c8447c1aca87ddb38cfe764fe756a	Vuln. Introduced
https://git.kernel.org/stable/c/e1b160a50c756e0efbea290b9bf5117cb80e8c4b	Vuln. Introduced
https://git.kernel.org/stable/c/a373ad833a6bfe4bc6cedcf7e56a99cc6fd9a193	Vuln. Introduced
https://git.kernel.org/stable/c/518fbd644dabb6aedbdd4939c6c9cc1bf651459f	Vuln. Introduced
https://git.kernel.org/stable/c/5cbcb62dddf5346077feb82b7b0c9254222d3445	Vuln. Introduced
https://git.kernel.org/stable/c/7bdf1d550ddfcd9ab797087421f77b7aceddc8a7	Vuln. Introduced
https://git.kernel.org/stable/c/e8780e8a0e25dc4c3927f611ec8970d26c0c7369	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2	2025-02-01
https://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713	2025-02-01
https://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a	2025-01-23
https://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836	2025-01-23
https://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958	2025-01-23
https://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87	2025-01-23
https://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952	2025-01-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.279 < 5.4.290 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.279 < 5.4.290"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10.221 < 5.10.234 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.221 < 5.10.234"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15.162 < 5.15.177 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.162 < 5.15.177"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.95 < 6.1.127 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.95 < 6.1.127"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.35 < 6.6.74 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.35 < 6.6.74"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.10 < 6.12.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.10 < 6.12.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.10 < 6.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.10 < 6.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.19.317 Search vendor "Linux" for product "Linux Kernel" and version "4.19.317"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.9.6 Search vendor "Linux" for product "Linux Kernel" and version "6.9.6"		en		Affected