CVE-2025-21895

EPSS 0.02%
Veröffentlicht 01.04.2025 16:15:19
Zuletzt bearbeitet 31.10.2025 18:50:50
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list

Syskaller triggers a warning due to prev_epc->pmu != next_epc->pmu in
perf_event_swap_task_ctx_data(). vmcore shows that two lists have the same
perf_event_pmu_context, but not in the same order.

The problem is that the order of pmu_ctx_list for the parent is impacted by
the time when an event/PMU is added. While the order for a child is
impacted by the event order in the pinned_groups and flexible_groups. So
the order of pmu_ctx_list in the parent and child may be different.

To fix this problem, insert the perf_event_pmu_context to its proper place
after iteration of the pmu_ctx_list.

The follow testcase can trigger above warning:

 # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out &
 # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out

 test.c

 void main() {
        int count = 0;
        pid_t pid;

        printf("%d running\n", getpid());
        sleep(30);
        printf("running\n");

        pid = fork();
        if (pid == -1) {
                printf("fork error\n");
                return;
        }
        if (pid == 0) {
                while (1) {
                        count++;
                }
        } else {
                while (1) {
                        count++;
                }
        }
 }

The testcase first opens an LBR event, so it will allocate task_ctx_data,
and then open tracepoint and software events, so the parent context will
have 3 different perf_event_pmu_contexts. On inheritance, child ctx will
insert the perf_event_pmu_context in another order and the warning will
trigger.

[ mingo: Tidied up the changelog. ]

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.81

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.18

Linux ≫ Linux Kernel Version >= 6.13 < 6.13.6

Linux ≫ Linux Kernel Version6.14 Updaterc1

Linux ≫ Linux Kernel Version6.14 Updaterc2

Linux ≫ Linux Kernel Version6.14 Updaterc3

Linux ≫ Linux Kernel Version6.14 Updaterc4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.032

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	1	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/2016066c66192a99d9e0ebf433789c490a6785a2

Patch

https://git.kernel.org/stable/c/3e812a70732d84b7873cea61a7f6349b9a9dcbf5

Patch

https://git.kernel.org/stable/c/7d582eb6e4e100959ba07083d7563453c8c2a343

Patch

https://git.kernel.org/stable/c/f0c3971405cef6892844016aa710121a02da3a23

Patch

https://nvd.nist.gov/vuln/detail/CVE-2025-21895

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-21895

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-21895

EUVD