CVE-2025-21908

{"id": "CVE-2025-21908", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-04-01T16:15:21.323", "references": [{"url": "https://git.kernel.org/stable/c/5ae31c54cff745832b9bd5b32e71f3d1b607cd1e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/8253ff29edcb429a9a6c75710941c6a16a9a34b1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ab0727d6e2196682351c25c1dd112136f6991f11", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ce6d9c1c2b5cc785016faa11b48b6cd317eb367e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-667"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS's call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[<0>] folio_wait_bit+0xe8/0x200\n[<0>] folio_wait_writeback+0x2b/0x80\n[<0>] nfs_wb_folio+0x80/0x1b0 [nfs]\n[<0>] nfs_release_folio+0x68/0x130 [nfs]\n[<0>] split_huge_page_to_list_to_order+0x362/0x840\n[<0>] migrate_pages_batch+0x43d/0xb90\n[<0>] migrate_pages_sync+0x9a/0x240\n[<0>] migrate_pages+0x93c/0x9f0\n[<0>] compact_zone+0x8e2/0x1030\n[<0>] compact_node+0xdb/0x120\n[<0>] kcompactd+0x121/0x2e0\n[<0>] kthread+0xcf/0x100\n[<0>] ret_from_fork+0x31/0x40\n[<0>] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFS: se corrige que nfs_release_folio() no se bloquee mediante la reescritura de kcompactd. Se a\u00f1ade el indicador PF_KCOMPACTD y el asistente current_is_kcompactd() para comprobarlo, de modo que nfs_release_folio() pueda omitir la llamada a nfs_wb_folio() desde kcompactd. De lo contrario, NFS puede bloquearse a la espera de la reescritura inducida por kcompactd, que recurre a NFS (lo que activa la reescritura en NFSD mediante el montaje de bucle invertido de NFS en el mismo host; NFSD se bloquea a la espera de la llamada de XFS a __filemap_get_folio): 6070.550357] INFORMACI\u00d3N: la tarea kcompactd0:58 ha estado bloqueada durante m\u00e1s de 4435 segundos. {--- [58] \"kcompactd0\" [&lt;0&gt;] folio_wait_bit+0xe8/0x200 [&lt;0&gt;] folio_wait_writeback+0x2b/0x80 [&lt;0&gt;] nfs_wb_folio+0x80/0x1b0 [nfs] [&lt;0&gt;] nfs_release_folio+0x68/0x130 [nfs] [&lt;0&gt;] split_huge_page_to_list_to_order+0x362/0x840 [&lt;0&gt;] migrate_pages_batch+0x43d/0xb90 [&lt;0&gt;] migrate_pages_sync+0x9a/0x240 [&lt;0&gt;] migrate_pages+0x93c/0x9f0 [&lt;0&gt;] compact_zone+0x8e2/0x1030 [&lt;0&gt;] compact_node+0xdb/0x120 [&lt;0&gt;] kcompactd+0x121/0x2e0 [&lt;0&gt;] kthread+0xcf/0x100 [&lt;0&gt;] ret_from_fork+0x31/0x40 [&lt;0&gt;] ret_from_fork_asm+0x1a/0x30 ---} [akpm@linux-foundation.org: correcci\u00f3n de compilaci\u00f3n]"}], "lastModified": "2025-04-15T16:59:27.297", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A03BD908-74B6-4371-B16D-FAEE17484A4C", "versionEndExcluding": "6.6.83", "versionStartIncluding": "6.3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32865E5C-8AE1-4D3D-A64D-299039694A88", "versionEndExcluding": "6.12.19", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "842F5A44-3E71-4546-B4FD-43B0ACE3F32B", "versionEndExcluding": "6.13.7", "versionStartIncluding": "6.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66619FB8-0AAF-4166-B2CF-67B24143261D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3D6550E-6679-4560-902D-AF52DCFE905B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45B90F6B-BEC7-4D4E-883A-9DBADE021750"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}