Kernel Vulnerability in Linux Affecting vmclock Module Operations
CVE-2025-21769

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability in the Linux kernel, specifically related to the vmclock module, has been identified which could lead to system instability. The absence of the .owner field in the vmclock_miscdev_fops could permit the module to be unloaded while a process is actively using /dev/vmclock0. This situation may cause unexpected behavior, including potential system crashes, as resources may not be appropriately managed when accessed concurrently.

Affected Version(s)

Linux 20503272422693d793b84f88bf23fe4e955d3a33 < 3b5709225b43ee33e1026dd1fc0949a7f19b5289

Linux 20503272422693d793b84f88bf23fe4e955d3a33 < 7b07b040257c1b658ef3eca86e4b6ae02d65069c

Linux 6.13

References

https://git.kernel.org/stable/c/3b5709225b43ee33e1026dd1f...

https://git.kernel.org/stable/c/7b07b040257c1b658ef3eca86...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024