CVE-2025-21902 — Improper Synchronization in Linux
Severity
5.5MEDIUMNVD
OSV5.9
EPSS
0.0%
top 84.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 1
Latest updateJul 8
Description
In the Linux kernel, the following vulnerability has been resolved:
acpi: typec: ucsi: Introduce a ->poll_cci method
For the ACPI backend of UCSI the UCSI "registers" are just a memory copy
of the register values in an opregion. The ACPI implementation in the
BIOS ensures that the opregion contents are synced to the embedded
controller and it ensures that the registers (in particular CCI) are
synced back to the opregion on notifications. While there is an ACPI call
that syncs the actual regist…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linuxc0ca6fd5f6ebde8fc0df8bb5c32629d1284f60d0 — 012b98cdb54c7d47743ee7fc402fa23f2d90529a+3
Patches
🔴Vulnerability Details
6OSV▶
linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities↗2025-06-30
GHSA▶
GHSA-w69j-ppp7-83pp: In the Linux kernel, the following vulnerability has been resolved:
acpi: typec: ucsi: Introduce a ->poll_cci method
For the ACPI backend of UCSI th↗2025-04-01