Deadlock Risk in Linux Kernel's DRM/i915/GT Component
CVE-2025-21849

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 March 2025

What is CVE-2025-21849?

A vulnerability exists in the Linux kernel's DRM/i915/GT component where improper use of spin_lock/unlock() in interrupt contexts can lead to a deadlock situation. When an interrupt is triggered while a lock is held, it may prevent further execution, jeopardizing system integrity. This issue has been addressed by implementing spin_lock_irqsave() to manage IRQ state correctly before acquiring locks. The fix enhances the overall robustness of the interrupt handling in the kernel, particularly in the signal_irq_work() execution path.

Affected Version(s)

Linux 2f2cc53b5fe7022f3ae602eb24573d52f8740959 < 2bf1f4c129db7a10920655b000f0292f1ee509c2

Linux 2f2cc53b5fe7022f3ae602eb24573d52f8740959 < 47ae46ac5407646420e06b78e0dad331e56a4bb4

Linux 2f2cc53b5fe7022f3ae602eb24573d52f8740959

References

https://git.kernel.org/stable/c/2bf1f4c129db7a10920655b00...

https://git.kernel.org/stable/c/47ae46ac5407646420e06b78e...

https://git.kernel.org/stable/c/e49477f7f78598295551d486e...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2025
Vulnerability Reserved
Dec 29, 2024