CVE-2025-21947Race Condition in Linux

CWE-362Race Condition42 documents7 sources
Severity
4.7MEDIUMNVD
OSV5.9OSV5.5
EPSS
0.1%
top 68.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
LinuxLinux KernelDebian Linux+6 more
Timeline
PublishedApr 1
Latest updateOct 15

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. req->handle from ksmbd_ipc_login_request and FSCTL_PIPE_TRANSCEIVE ioctl can be same and it could lead to type confusion between messages, resulting in access to unexpected parts of memory after an incorrect delivery. ksmbd check type of ipc response but missing add continu

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages11 packages

NVDlinux/linux_kernel5.156.1.131+4
Debianlinux/linux_kernel< 6.1.133-1+2
Ubuntulinux/linux_kernel< 6.8.0-84.84

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

20
OSV
linux-oracle-6.8 vulnerabilities2025-10-15
OSV
linux-azure-nvidia vulnerabilities2025-10-08
OSV
linux-oracle vulnerabilities2025-10-06
OSV
linux-azure, linux-azure-6.8 vulnerabilities2025-10-02
OSV
linux-raspi-realtime vulnerabilities2025-10-02

📋Vendor Advisories

21
Ubuntu
Linux kernel (Oracle) vulnerabilities2025-10-15
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities2025-10-08
Ubuntu
Linux kernel (Oracle) vulnerabilities2025-10-06
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-10-02
Ubuntu
Linux kernel (HWE) vulnerabilities2025-10-02
CVE-2025-21947 — Race Condition in Linux | cvebase