CVE-2025-21668Infinite Loop in Linux

CWE-835Infinite Loop24 documents6 sources
Severity
5.5MEDIUMNVD
OSV5.9
EPSS
0.0%
top 96.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedJan 31
Latest updateJul 17

Description

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition Currently imx8mp_blk_ctrl_remove() will continue the for loop until an out-of-bounds exception occurs. pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : dev_pm_domain_detach+0x8/0x48 lr : imx8mp_blk_ctrl_shutdown+0x58/0x90 sp : ffffffc084f8bbf0 x29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000 x26: ffffffc081658d78 x25: 000000000000

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel5.196.1.127+3
Debianlinux/linux_kernel< 6.1.128-1+2
Ubuntulinux/linux_kernel< 6.8.0-62.65
CVEListV5linux/linux556f5cf9568af772d494cff24ffaa7ea41e1ab40699cc10cc3068f9097a506eae7fe178c860dca4e+4
debiandebian/linux< linux 6.1.128-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

12
OSV
linux-hwe-6.8 vulnerabilities2025-07-17
OSV
linux-gcp, linux-gcp-6.8 vulnerabilities2025-06-30
OSV
linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities2025-06-26
OSV
linux-raspi-realtime vulnerabilities2025-06-25
OSV
linux-azure-nvidia vulnerabilities2025-06-25

📋Vendor Advisories

11
Ubuntu
Linux kernel (HWE) vulnerabilities2025-07-17
Ubuntu
Linux kernel vulnerabilities2025-06-30
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities2025-06-25
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-06-25
Ubuntu
Linux kernel (Azure) vulnerabilities2025-06-24