Inconsistency in zswap Management in Linux Kernel Affects System Performance
CVE-2025-21860

3.3LOW

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 March 2025

Summary

A vulnerability has been identified in the zswap management of the Linux kernel, where failure in zswap_store_page() can lead to inconsistencies within the zswap entries. Under certain conditions, such as system stress testing, this inconsistency may trigger warnings related to memory management. Specifically, when an attempt to zswap an entire folio fails, the operation is rolled back, which may lead to scenarios where zswap entries are uncharged inaccurately. This can compromise the integrity of memory management, affecting overall system performance. The issue has been addressed by modifying the handling of zswap entries to ensure consistency, thus eliminating the corresponding warnings during operation.

Affected Version(s)

Linux b7c0ccdfbafdec98699ddb6f164beebf16f0bc45

Linux b7c0ccdfbafdec98699ddb6f164beebf16f0bc45 < 63895d20d63b446f5049a963983489319c2ea3e2

Linux 6.13

References

https://git.kernel.org/stable/c/a3652f5552b20903315612da4...

https://git.kernel.org/stable/c/63895d20d63b446f5049a9639...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 12, 2025
Vulnerability Reserved
Dec 29, 2024