CVE-2025-21671

Description

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Which will potentially cause zram_meta_free to access the table if user reset an failed and uninitialized device.

Reserved 2024-12-29 | Published 2025-01-31 | Updated 2025-02-10 | Assigner Linux

Product status

Default status
unaffected

ac3b5366b9b7c9d97b606532ceab43d2329a22f3 before fe3de867f94819ba0f28e035c0b0182150147d95
affected

0b5b0b65561b34e6e360de317e4bcd031bfabf42 before 571d3f6045cd3a6d9f6aec33b678f3ffe97582ef
affected

6fb92e9a52e3feae309a213950f21dfcd1eb0b40 before 902ef8f16d5ca77edc77c30656be54186c1e99b7
affected

74363ec674cb172d8856de25776c8f3103f05e2f before 212fe1c0df4a150fb6298db2cfff267ceaba5402
affected

Default status
unaffected

6.1.122 before 6.1.127
affected

6.6.68 before 6.6.74
affected

6.12.7 before 6.12.11
affected

References

git.kernel.org/...c/fe3de867f94819ba0f28e035c0b0182150147d95

git.kernel.org/...c/571d3f6045cd3a6d9f6aec33b678f3ffe97582ef

git.kernel.org/...c/902ef8f16d5ca77edc77c30656be54186c1e99b7

git.kernel.org/...c/212fe1c0df4a150fb6298db2cfff267ceaba5402

cve.org (CVE-2025-21671)

nvd.nist.gov (CVE-2025-21671)

Download JSON