CVE-2025-21998

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer dereference in case of a racing EFI variable access. Make sure that all resources have been set up before registering the efivars.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/c4e37b381a7a243c298a4858fc0a5a74e737c79a	Patch
https://git.kernel.org/stable/c/da8d493a80993972c427002684d0742560f3be4a	Patch
https://git.kernel.org/stable/c/f15a2b96a0e41c426c63a932d0e63cde7b9784aa	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.14:rc7::::::

History

10 Apr 2025, 16:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.7
CWE		CWE-476 CWE-367
References	~~() https://git.kernel.org/stable/c/c4e37b381a7a243c298a4858fc0a5a74e737c79a -~~	() https://git.kernel.org/stable/c/c4e37b381a7a243c298a4858fc0a5a74e737c79a - Patch
References	~~() https://git.kernel.org/stable/c/da8d493a80993972c427002684d0742560f3be4a -~~	() https://git.kernel.org/stable/c/da8d493a80993972c427002684d0742560f3be4a - Patch
References	~~() https://git.kernel.org/stable/c/f15a2b96a0e41c426c63a932d0e63cde7b9784aa -~~	() https://git.kernel.org/stable/c/f15a2b96a0e41c426c63a932d0e63cde7b9784aa - Patch
CPE		cpe:2.3:o:linux:linux_kernel:6.14:rc7:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.14:rc5:::::: cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux linux Kernel Linux

07 Apr 2025, 14:18

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: qcom: uefisecapp: corrección de la ejecución de registro de efivars. Desde la conversión al uso del asignador TZ, el servicio efivars se registra antes de asignar el pool de memoria, lo que puede provocar una desreferencia de puntero nulo en caso de un acceso a variable EFI en ejecución. Asegúrese de que todos los recursos estén configurados antes de registrar las efivars.

03 Apr 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-03 08:15

Updated : 2025-04-10 16:15

NVD link : CVE-2025-21998

Mitre link : CVE-2025-21998

CVE.ORG link : CVE-2025-21998

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-476

NULL Pointer Dereference

4.7 /10