Use-After-Free Vulnerability in Linux Kernel Affecting NBD Configuration
CVE-2025-21731

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2025-21731?

A use-after-free vulnerability exists in the Linux Kernel that can be exploited when the NBD (Network Block Device) configuration is unexpectedly released while still in use. This issue arises during the reconfiguration process, leading to potential access to freed memory resources. Proper handling during disconnect operations is essential to maintain the stability and security of NBD connections. The vulnerability is resolved by ensuring that the NBD state is properly managed, preventing the reconfiguration attempt from succeeding post-disconnection. Users are advised to update their Linux Kernel to the latest version to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux b7aa3d39385dc2d95899f9e379623fef446a2acd

Linux b7aa3d39385dc2d95899f9e379623fef446a2acd < 6bef6222a3f6c7adb6396f77f25a3579d821b09a

Linux b7aa3d39385dc2d95899f9e379623fef446a2acd

References

https://git.kernel.org/stable/c/e70a578487a47d7cf05890414...

https://git.kernel.org/stable/c/6bef6222a3f6c7adb6396f77f...

https://git.kernel.org/stable/c/e3be8862d73cac833e0fb7602...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024

JSON

Linux

What is CVE-2025-21731?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.