CVE-2025-71225

CWE-367 | 8 documents | 8 sources
Severity
5.3 MEDIUM
EPSS
0.0%
top 97.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Feb 18

Description

In the Linux kernel, the following vulnerability has been resolved:

md: suspend array while updating raid_disks via sysfs

In raid1_reshape(), freeze_array() is called before modifying the r1bio memory pool (conf->r1bio_pool) and conf->raid_disks, and unfreeze_array() is called after the update is completed.

However, freeze_array() only waits until nr_sync_pending and (nr_pending - nr_queued) of all buckets reaches zero. When an I/O error occurs, nr_queued is increased and the corresponding r1

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
Exploitability: 1.0 | Impact: 4.2

Affected Packages (3 packages)

NVD | linux/linux_kernel | 3.4.59 | 3.5 | +5
CVEListV5 | linux/linux | e2d59925221cd562e07fee38ec8839f7209ae603 | 165d1359f945b72c5f90088f60d48ff46115269e | +5
Debian | linux | < 6.12.73-1 | +1

Patches

Vulnerability Details (3)

CVEList
md: suspend array while updating raid_disks via sysfs | 2026-02-18
GHSA
GHSA-hr98-gm7c-926r: In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raid_disks via sysfs In raid1_reshape(), freeze | 2026-02-18
OSV
CVE-2025-71225: In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raid_disks via sysfs In raid1_reshape(), freeze_a | 2026-02-18

Vendor Advisories (3)

Red Hat
kernel: md: suspend array while updating raid_disks via sysfs | 2026-02-18
Microsoft
md: suspend array while updating raid_disks via sysfs | 2026-02-10
Debian
CVE-2025-71225: linux - In the Linux kernel, the following vulnerability has been resolved: md: suspend... | 2025

Threat Intelligence (1)

Wiz
CVE-2025-71225 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-71225 (MEDIUM CVSS 5.3) | In the Linux kernel | cvebase.io