CVE-2025-21896: Use After Free in Linux

Severity: 7.8 HIGH (NVD)
EPSS: 0.1% (top 69.61%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 1

Description

In the Linux kernel, the following vulnerability has been resolved:

fuse: revert back to __readahead_folio() for readahead

In commit 3eab9d7bc2f4 ("fuse: convert readahead to use folios"), the logic was converted to using the new folio readahead code, which drops the reference on the folio once it is locked, using an inferred reference on the folio. Previously we held a reference on the folio for the entire duration of the readpages call. This is fine, however for the case for splice pipe res...

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (3 packages)

Source | Package | Versions / commits | More
NVD | linux/linux_kernel | 6.13, 6.13.6 | +1
CVEListV5 | linux/linux | 3eab9d7bc2f4ae7f3f9c9c7852ff61600df79856, 60db11f1b7fba4a66b117ea998d965818784a98d | +2
debian | debian/linux | |

Patches

Vulnerability Details (2)

GHSA: GHSA-4r9v-r5j3-85m7 (2025-04-01): In the Linux kernel, the following vulnerability has been resolved: fuse: revert back to __readahead_folio() for readahead In commit 3eab9d7bc2f4 ("...
OSV: CVE-2025-21896 (2025-04-01): In the Linux kernel, the following vulnerability has been resolved: fuse: revert back to __readahead_folio() for readahead In commit 3eab9d7bc2f4 ("fu...

Vendor Advisories (2)

Red Hat: kernel: fuse: revert back to __readahead_folio() for readahead (2025-04-01)
Debian: CVE-2025-21896: linux - In the Linux kernel, the following vulnerability has been resolved: fuse: rever... (2025)
CVE-2025-21896 — Use After Free in Linux | cvebase