CVE-2025-21811
Published: Feb 27, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_data_buffers(), which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For data cache, nilfs_clear_folio_dirty() may be called asynchronously when the file system degenerates to read only, so nilfs_lookup_dirty_data_buffers() still has the potential to cause use after free issues when buffers lose the protection of their dirty state midway due to this asynchronous clearing and are unintentionally freed by try_to_free_buffers(). Eliminate this race issue by adjusting the lock section in this function.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8c26c4e2694a163d525976e804d81cd955bbb40c - < e1fc4a90a90ea8514246c45435662531975937d9affected 8c26c4e2694a163d525976e804d81cd955bbb40c - < 72cf688d0ce7e642b12ddc9b2a42524737ec1b4aaffected 8c26c4e2694a163d525976e804d81cd955bbb40c - < d8ff250e085a4c4cdda4ad1cdd234ed110393143affected 8c26c4e2694a163d525976e804d81cd955bbb40c - < 58c27fa7a610b6e8d44e6220e7dbddfbaccaf439affected 8c26c4e2694a163d525976e804d81cd955bbb40c - < 8e1b9201c9a24638cf09c6e1c9f224157328010b+3 more versions |
Linux | Linux | affected 3.10unaffected 0 - < 3.10unaffected 5.4.291 - <= 5.4.*unaffected 5.10.235 - <= 5.10.*unaffected 5.15.179 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now