Use-After-Free Vulnerability in Linux Kernel Affecting NBD Configuration
CVE-2025-21731

Currently unrated

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 27 February 2025

Summary

A use-after-free vulnerability exists in the Linux kernel that can be exploited when the NBD (Network Block Device) configuration is unexpectedly released while still in use. The issue arises during reconfiguration and can lead to access to freed memory. Proper handling of disconnect operations is essential to the stability and security of NBD connections. The fix ensures that the NBD state is managed so that a reconfiguration attempt cannot succeed after a disconnect. Users are advised to update their Linux kernel to the latest version to mitigate this risk.

Affected Version(s)

Linux b7aa3d39385dc2d95899f9e379623fef446a2acd


Timeline

  • Vulnerability published

  • Vulnerability Reserved
