Use-After-Free Vulnerability in Linux Kernel Affecting Multiple Cryptographic Operations
CVE-2025-21726

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2025-21726?

An issue within the Linux kernel related to padata can lead to a Use-After-Free scenario during the processing of cryptographic requests. The flaw arises in the handling of reorder_work while processing queued requests, which may allow an attacker to exploit this condition, potentially leading to arbitrary code execution. After an update, it’s crucial to ensure that references are properly managed to avoid releasing memory too early. This vulnerability underscores the importance of maintaining up-to-date kernel versions to mitigate risks associated with cryptographic operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux bbefa1dd6a6d53537c11624752219e39959d04fb

Linux bbefa1dd6a6d53537c11624752219e39959d04fb < 4c6209efea2208597dbd3e52dc87a0d1a8f2dbe1

Linux bbefa1dd6a6d53537c11624752219e39959d04fb < 7000507bb0d2ceb545c0a690e0c707c897d102c2

References

https://git.kernel.org/stable/c/f4f1b1169fc3694f9bc3e28c6...

https://git.kernel.org/stable/c/4c6209efea2208597dbd3e52d...

https://git.kernel.org/stable/c/7000507bb0d2ceb545c0a690e...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024

JSON

Linux

What is CVE-2025-21726?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.