CVE-2025-21701Race Condition in Linux

CWE-362Race Condition48 documents8 sources
Severity
4.7MEDIUMNVD
OSV8.8OSV7.8OSV5.5
EPSS
0.0%
top 97.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
LinuxLinux KernelDebian Linux+2 more
Timeline
PublishedFeb 13
Latest updateSep 3

Description

In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120 CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771 RIP: 0010:__mutex_lock+0xc8a/0x1120 Call Trace: ethtool_check_m

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages7 packages

NVDlinux/linux_kernel5.10.875.11+6
Debianlinux/linux_kernel< 6.1.129-1+2
Ubuntulinux/linux_kernel< 5.15.0-138.148+1
CVEListV5linux/linuxcfd719f04267108f5f5bf802b9d7de69e99a99f926bc6076798aa4dc83a07d0a386f9e57c94e8517+7
debiandebian/linux< linux 6.1.129-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

23
OSV
CVE-2025-21701: In ethnl_ops_begin of netlink2025-09-01
OSV
linux-raspi vulnerabilities2025-05-26
OSV
linux-raspi-realtime vulnerabilities2025-05-20
OSV
linux-xilinx-zynqmp vulnerabilities2025-05-02
OSV
linux-aws-5.15 vulnerabilities2025-04-29

📋Vendor Advisories

24
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2025-217012025-09-03
CISA ICS
Siemens SIMATIC S7-1500 CPU Family2025-06-12
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-26
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-05-20
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities2025-05-02