5.5
CVE-2025-21988
- EPSS 0.17%
- Veröffentlicht 02.04.2025 13:15:43
- Zuletzt bearbeitet 04.11.2025 18:56:57
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
fs/netfs/read_collect: add to next->prev_donated
In the Linux kernel, the following vulnerability has been resolved:
fs/netfs/read_collect: add to next->prev_donated
If multiple subrequests donate data to the same "next" request
(depending on the subrequest completion order), each of them would
overwrite the `prev_donated` field, causing data corruption and a
BUG() crash ("Can't donate prior to front").Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.12 < 6.12.20
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.8
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.071 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/e25cec3b76aba47a49138d2162fc809c6cd49c9e
https://git.kernel.org/stable/c/62b9ad7e52d4777f7e775ee1f0ad2452f6041024
https://git.kernel.org/stable/c/e2d46f2ec332533816417b60933954173f602121