Vulnerability in Linux Kernel Affecting Random Number Generation
CVE-2025-21767

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

What is CVE-2025-21767?

A bug in the Linux kernel involving the clock source verification process has been identified. This issue arises when the 'clocksource_verify_choose_cpus()' function, used for selecting CPUs based on random numbers, is called with preemption disabled. This can lead to attempts to acquire sleeping locks in an atomic context, causing system instability. The resolution involves utilizing 'migrate_disable()' to allow reliable use of 'smp_processor_id()' without introducing atomic context, thus mitigating the problem and ensuring the integrity of random number generation in the kernel.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux d9b40ebd448e437ffbc65f013836f98252279a82

Linux 7560c02bdffb7c52d1457fa551b9e745d4b9e754 < 60f54f0d4ea530950549a8263e6fdd70a40490a4

Linux 7560c02bdffb7c52d1457fa551b9e745d4b9e754 < 852805b6cbdb69c298a8fc9fbe79994c95106e04

References

https://git.kernel.org/stable/c/d9c217fadfcff7a8df5856751...
https://git.kernel.org/stable/c/60f54f0d4ea530950549a8263...
https://git.kernel.org/stable/c/852805b6cbdb69c298a8fc9fb...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.