CVE-2025-21671

Published: Jan 31, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Which will potentially cause zram_meta_free to access the table if user reset an failed and uninitialized device.

Vendor	Product	Versions
Linux	Linux	affected `ac3b5366b9b7c9d97b606532ceab43d2329a22f3 - < fe3de867f94819ba0f28e035c0b0182150147d95` affected `0b5b0b65561b34e6e360de317e4bcd031bfabf42 - < 571d3f6045cd3a6d9f6aec33b678f3ffe97582ef` affected `6fb92e9a52e3feae309a213950f21dfcd1eb0b40 - < 902ef8f16d5ca77edc77c30656be54186c1e99b7` affected `74363ec674cb172d8856de25776c8f3103f05e2f - < 212fe1c0df4a150fb6298db2cfff267ceaba5402`
Linux	Linux	affected `6.1.122 - < 6.1.127` affected `6.6.68 - < 6.6.74` affected `6.12.7 - < 6.12.11`

References

https://git.kernel.org/stable/c/fe3de867f94819ba0f28e035c0b0182150147d95

https://git.kernel.org/stable/c/571d3f6045cd3a6d9f6aec33b678f3ffe97582ef

https://git.kernel.org/stable/c/902ef8f16d5ca77edc77c30656be54186c1e99b7

https://git.kernel.org/stable/c/212fe1c0df4a150fb6298db2cfff267ceaba5402

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-21671

Description

Affected Products

References