Linux Kernel Memory Management Inconsistency in Userfaultfd Implementation
CVE-2025-21696

5.5 MEDIUM

Key Information:

Vendor: WordPress
Status: Vendor
CVE Published: 12 February 2025

Summary

A vulnerability exists in the Linux kernel's handling of memory management, specifically during the mremap() system call for memory regions registered with userfaultfd. An inconsistency arises when the uffd-wp (userfaultfd write-protection) flag is not properly cleared in the page table entries (PTE) and page middle directories (PMD) after a memory remapping operation. This mismatch can lead to erroneous behaviors, such as inappropriate settings of writable permissions, resulting in warnings in page_table_check_pte_flags(). To mitigate this issue, it's crucial that the kernel consistently clears the uffd-wp flags, ensuring alignment between the virtual memory area (VMA) flags and the PTE/PMD flags across all relevant paths, including PTE, huge PMD, and hugetlb implementations.

Affected Version(s)

Linux 63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 < 310ac886d68de661c3a334198d8604b722d7fdf8

Linux 63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 < 0cef0bb836e3cfe00f08f9606c72abd72fe78ca3

Linux 5.7

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
