{ "threat_severity" : "Low", "public_date" : "2025-02-12T00:00:00Z", "bugzilla" : { "description" : "kernel: fs/proc: fix softlockup in __read_vmcore (part 2)", "id" : "2345243", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2345243" }, "cvss3" : { "cvss3_base_score" : "4.1", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nfs/proc: fix softlockup in __read_vmcore (part 2)\nSince commit 5cbcb62dddf5 (\"fs/proc: fix softlockup in __read_vmcore\") the\nnumber of softlockups in __read_vmcore at kdump time have gone down, but\nthey still happen sometimes.\nIn a memory constrained environment like the kdump image, a softlockup is\nnot just a harmless message, but it can interfere with things like RCU\nfreeing memory, causing the crashdump to get stuck.\nThe second loop in __read_vmcore has a lot more opportunities for natural\nsleep points, like scheduling out while waiting for a data write to\nhappen, but apparently that is not always enough.\nAdd a cond_resched() to the second loop in __read_vmcore to (hopefully)\nget rid of the softlockups." ], "statement" : "The security impact is limited, because actual only for kdump and the result is softlockup.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-05-13T00:00:00Z", "advisory" : "RHSA-2025:6966", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-570.12.1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-05-13T00:00:00Z", "advisory" : "RHSA-2025:6966", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-570.12.1.el9_6" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-21694\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21694\nhttps://git.kernel.org/stable/c/649b266606bc413407ce315f710c8ce8a88ee30a\nhttps://git.kernel.org/stable/c/65c367bd9d4f43513c7f837df5753bea9561b836\nhttps://git.kernel.org/stable/c/80828540dad0757b6337c6561d49c81038f38d87\nhttps://git.kernel.org/stable/c/80da29deb88a3a907441fc35bb7bac309f31e713\nhttps://git.kernel.org/stable/c/84c4ed15626574c9ac6c1039ba9c137a77bcc7f2\nhttps://git.kernel.org/stable/c/a5a2ee8144c3897d37403a69118c3e3dc5713958\nhttps://git.kernel.org/stable/c/cbc5dde0a461240046e8a41c43d7c3b76d5db952" ], "name" : "CVE-2025-21694", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }