Linux Kernel Vulnerability in Bitmap Management by Vendor
CVE-2025-21712

Currently unrated

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 27 February 2025

Summary

A vulnerability exists in the Linux kernel's bitmap management, specifically in the function bitmap_get_stats(). The issue arises when the function is called concurrently while the bitmap is being destroyed or is not fully initialized, which can cause a kernel panic through a dereference of invalid memory. Recent changes made the crash easier to trigger. To mitigate the vulnerability, bitmap_get_stats() is now protected by a mutex, ensuring safe access to bitmap data.
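The locking pattern described above, as an added user-space model in C with pthreads; it is not the kernel's code or the actual patch, and every name in it (dev, bitmap_create, bitmap_destroy, get_stats, the struct fields) is hypothetical. The reader and the teardown path take the same mutex, so a stats call sees either a fully initialized bitmap or none at all.

```c
/* User-space model (constructed, not kernel code): the stats reader shares a
 * mutex with setup and teardown. All identifiers here are hypothetical. */
#include <errno.h>
#include <pthread.h>
#include <stdlib.h>
struct counts { unsigned long pages, missing_pages; };
struct bitmap { struct counts *counts; };   /* NULL until fully initialized */
struct device {
    pthread_mutex_t lock;                   /* guards the lifetime of ->bitmap */
    struct bitmap *bitmap;
};
static struct device dev = { .lock = PTHREAD_MUTEX_INITIALIZER, .bitmap = NULL };

/* Setup: build the object completely, then publish it under the lock. */
int bitmap_create(unsigned long pages)
{
    struct bitmap *b = calloc(1, sizeof(*b));
    if (!b) return -ENOMEM;
    b->counts = calloc(1, sizeof(*b->counts));
    if (!b->counts) { free(b); return -ENOMEM; }
    b->counts->pages = pages;
    pthread_mutex_lock(&dev.lock);
    dev.bitmap = b;
    pthread_mutex_unlock(&dev.lock);
    return 0;
}

/* Teardown: unpublish under the lock, free once no reader can reach it. */
void bitmap_destroy(void)
{
    pthread_mutex_lock(&dev.lock);
    struct bitmap *b = dev.bitmap;
    dev.bitmap = NULL;
    pthread_mutex_unlock(&dev.lock);
    if (b) { free(b->counts); free(b); }
}

/* Reader: copy the stats out while holding the lock, or fail cleanly. */
int get_stats(struct counts *out)
{
    int ret = -ENOENT;
    pthread_mutex_lock(&dev.lock);
    if (dev.bitmap && dev.bitmap->counts) {
        *out = *dev.bitmap->counts;
        ret = 0;
    }
    pthread_mutex_unlock(&dev.lock);
    return ret;
}
```

Without the lock in get_stats(), a reader could load the bitmap pointer just before bitmap_destroy() frees it and then dereference freed memory, which is the class of crash the summary describes.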

Affected Version(s)

Linux 32a7627cf3a35396a8e834faf34e38ae9f3b1309 < 237e19519c8ff6949f0ef57c4a0243f5b2b0fa18

Linux 32a7627cf3a35396a8e834faf34e38ae9f3b1309 < 4e9316eee3885bfb311b4759513f2ccf37891c09

Linux 32a7627cf3a35396a8e834faf34e38ae9f3b1309 < 8d28d0ddb986f56920ac97ae704cc3340a699a30

Timeline

  • Vulnerability published

  • Vulnerability Reserved
