Memory Corruption Vulnerability in Linux Kernel Affects Task Management
CVE-2025-21919

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 April 2025

Summary

A vulnerability in the Linux kernel's task management could result in memory corruption due to improper handling of pointer conversions within the CFS scheduler. The issue is triggered during the manipulation of lists associated with child scheduling classes, potentially leading to unpredictable behavior and access to corrupted data. Fixes ensure that a check is in place during pointer operations to validate the integrity of the cfs_rq structures, preventing mishaps and enhancing operational stability.

Affected Version(s)

Linux fdaba61ef8a268d4136d0a113d153f7a89eb9984 < 5cb300dcdd27e6a351ac02541e0231261c775852

Linux fdaba61ef8a268d4136d0a113d153f7a89eb9984 < 000c9ee43928f2ce68a156dd40bab7616256f4dd

Linux fdaba61ef8a268d4136d0a113d153f7a89eb9984 < 9cc7f0018609f75a349e42e3aebc3b0e905ba775

References

https://git.kernel.org/stable/c/5cb300dcdd27e6a351ac02541...

https://git.kernel.org/stable/c/000c9ee43928f2ce68a156dd4...

https://git.kernel.org/stable/c/9cc7f0018609f75a349e42e3a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 1, 2025
Vulnerability Reserved
Dec 29, 2024