CVE-2025-21655
Published Jan 20, 2025
Last updated a day ago
- Description
- In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is invoked from an RCU callback, but when dropping the reference to the io_ev_fd, it calls io_eventfd_free() directly if the refcount drops to zero. This isn't correct, as any potential freeing of the io_ev_fd should be deferred another RCU grace period. Just call io_eventfd_put() rather than open-code the dec-and-test and free, which will correctly defer it another RCU grace period.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Received
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
CVE-2025-21655 RCU Grace Period Fix in Linux Kernel io_uring/eventfd https://t.co/RWSSwtCb67
@VulmonFeeds
20 Jan 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
(CVE-2025-21655)[io_uring/eventfd]ensure io_eventfd_signal() defers another RCU period https://t.co/n5aMJLsSlw @tehjh (CVE-2025-21633)[io_uring/sqpoll]slab-UAF in thread_group_cputime https://t.co/KjTe9uu0WG https://t.co/pNP1K7yiu2
@xvonfers
20 Jan 2025
2275 Impressions
7 Retweets
37 Likes
10 Bookmarks
0 Replies
0 Quotes
CVE-2025-21655 In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is… https://t.co/Jx150Sc9yn
@CVEnew
20 Jan 2025
486 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes