Use-After-Free Vulnerability in Linux Kernel Affecting Workqueue Functionality
CVE-2025-21786

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability exists in the Linux kernel's handling of workqueue functionality, specifically related to the detachment process of rescuers from worker pools. A flaw was introduced where the reference to the worker pool was not adequately maintained during detachment, leading to a potential use-after-free scenario. This vulnerability can compromise system integrity and stability if left unaddressed, necessitating immediate action to ensure a secure environment.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 835b69c868f53f959d4986bbecd561ba6f38e492

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/e7c16028a424dd35be1064a68...

https://git.kernel.org/stable/c/835b69c868f53f959d4986bbe...

https://git.kernel.org/stable/c/e76946110137703c16423baf6...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024