CVE-2025-21871 — Infinite Loop in Linux
Severity
5.5MEDIUMNVD
OSV8.8OSV7.8OSV7.1OSV5.9
EPSS
0.1%
top 74.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 27
Latest updateJan 27
Description
In the Linux kernel, the following vulnerability has been resolved:
tee: optee: Fix supplicant wait loop
OP-TEE supplicant is a user-space daemon and it's possible for it
be hung or crashed or killed in the middle of processing an OP-TEE
RPC call. It becomes more complicated when there is incorrect shutdown
ordering of the supplicant process vs the OP-TEE client application which
can eventually lead to system hang-up waiting for the closure of the
client application.
Allow the client process …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages7 packages
▶CVEListV5linux/linux4fb0a5eb364d239722e745c02aef0dbd4e0f1ad2 — 3eb4911364c764572e9db4ab900a57689a54e8ce+8