CVE-2025-21745

blk-cgroup: Fix class @block_class's subsystem refcount leakage

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by
class_dev_iter_(init|next)(), but does not end iterating with
class_dev_iter_exit(), so causes the class's subsystem refcount leakage. Fix by ending the iterating with class_dev_iter_exit().

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exit(), so causes the class's subsystem refcount leakage. Fix by ending the iterating with class_dev_iter_exit().

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-02-27 CVE Published
2025-03-24 CVE Updated
2025-04-01 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/ef45fe470e1e5410db4af87abc5d5055427945ac	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/ffb494f1e7a047bd7a41b13796fcfb08fe5beafb	2025-03-13
https://git.kernel.org/stable/c/38287f779b34dfe959b4b681e909f2d3d52b88be	2025-03-13
https://git.kernel.org/stable/c/431b6ef2714be4d5babb802114987541a88b43b0	2025-02-21
https://git.kernel.org/stable/c/993121481b5a87829f1e8163f47158b72679f309	2025-02-17
https://git.kernel.org/stable/c/2ce09aabe009453d641a2ceb79e6461a2d4f3876	2025-02-17
https://git.kernel.org/stable/c/67c7f213e052b1aa6caba4a7e25e303bc6997126	2025-02-17
https://git.kernel.org/stable/c/d1248436cbef1f924c04255367ff4845ccd9025e	2025-01-10

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 5.10.235 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 5.10.235"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 5.15.179 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 5.15.179"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 6.1.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.1.129"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 6.6.78 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.6.78"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 6.12.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.12.14"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 6.13.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.13.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 6.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.14"		en		Affected