Linux Kernel Vulnerability Affecting batman-adv Interface Stability
CVE-2025-21781

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability has been identified in the Linux kernel related to the batman-adv networking protocol. This issue arises from improper reference counting during the removal of interfaces, which can lead to a system crash when a reboot is triggered. The crash is associated with the functions batadv_v_mesh_free and batadv_v_elp_throughput_metric_update, where race conditions between soft and hard interfaces occur. This instability can result in unexpected behavior and potential downtime. The kernel has been updated to ensure that reference counting keeps the hard interface associated with its soft counterpart until all necessary operations are completed.

Affected Version(s)

Linux c833484e5f3872a38fe232c663586069d5ad9645 < 7eb5dd201695645af071592a50026eb780081a72

Linux c833484e5f3872a38fe232c663586069d5ad9645 < 072b2787321903287a126c148e8db87dd7ef96fe

Linux c833484e5f3872a38fe232c663586069d5ad9645 < 2c3fb7df4cc6d043f70d4a8a10f8b915bbfb75e7

References

https://git.kernel.org/stable/c/7eb5dd201695645af071592a5...

https://git.kernel.org/stable/c/072b2787321903287a126c148...

https://git.kernel.org/stable/c/2c3fb7df4cc6d043f70d4a8a1...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024