CVE-2025-21881 — Linux vulnerability
40 documents7 sources
Severity
5.5MEDIUMNVD
OSV4.7
EPSS
0.1%
top 76.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 27
Latest updateOct 15
Description
In the Linux kernel, the following vulnerability has been resolved:
uprobes: Reject the shared zeropage in uprobe_write_opcode()
We triggered the following crash in syzkaller tests:
BUG: Bad page state in process syz.7.38 pfn:1eff3
page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3
flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)
raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000
raw: 0000000000000000 0000000000000000…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages9 packages
▶CVEListV5linux/linux2b144498350860b6ee9dc57ff27a93ad488de5dc — c4cb2bfa99513311886c1eb5c1c2ac26f3338a6e+5