5.5

CVE-2025-21871

tee: optee: Fix supplicant wait loop

In the Linux kernel, the following vulnerability has been resolved:

tee: optee: Fix supplicant wait loop

OP-TEE supplicant is a user-space daemon and it's possible for it
be hung or crashed or killed in the middle of processing an OP-TEE
RPC call. It becomes more complicated when there is incorrect shutdown
ordering of the supplicant process vs the OP-TEE client application which
can eventually lead to system hang-up waiting for the closure of the
client application.

Allow the client process waiting in kernel for supplicant response to
be killed rather than indefinitely waiting in an unkillable state. Also,
a normal uninterruptible wait should not have resulted in the hung-task
watchdog getting triggered, but the endless loop would.

This fixes issues observed during system reboot/shutdown when supplicant
got hung for some reason or gets crashed/killed which lead to client
getting hung in an unkillable state. It in turn lead to system being in
hung up state requiring hard power off/on to recover.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.12 < 5.4.291
LinuxLinux Kernel Version >= 5.5 < 5.10.235
LinuxLinux Kernel Version >= 5.11 < 5.15.179
LinuxLinux Kernel Version >= 5.16 < 6.1.130
LinuxLinux Kernel Version >= 6.2 < 6.6.80
LinuxLinux Kernel Version >= 6.7 < 6.12.17
LinuxLinux Kernel Version >= 6.13 < 6.13.5
LinuxLinux Kernel Version6.14 Updaterc1
LinuxLinux Kernel Version6.14 Updaterc2
LinuxLinux Kernel Version6.14 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.084
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://git.kernel.org/stable/c/3eb4911364c764572e9db4ab900a57689a54e8ce
Patch
https://git.kernel.org/stable/c/0180cf0373f84fff61b16f8c062553a13dd7cfca
Patch
https://git.kernel.org/stable/c/c0a9a948159153be145f9471435695373904ee6d
Patch
https://git.kernel.org/stable/c/ec18520f5edc20a00c34a8c9fdd6507c355e880f
Patch
https://git.kernel.org/stable/c/d61cc1a435e6894bfb0dd3370c6f765d2d12825d
Patch
https://git.kernel.org/stable/c/fd9d2d6124c293e40797a080adf8a9c237efd8b8
Patch
https://git.kernel.org/stable/c/21234efe2a8474a6d2d01ea9573319de7858ce44
Patch
https://git.kernel.org/stable/c/70b0d6b0a199c5a3ee6c72f5e61681ed6f759612
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html