What is the severity of CVE-2025-21661?

CVE-2025-21661 is classified as a medium severity vulnerability in the Linux kernel.

How do I fix CVE-2025-21661?

The fix for CVE-2025-21661 involves applying the latest patch provided by the Linux kernel maintainers.

Which versions of Linux are affected by CVE-2025-21661?

CVE-2025-21661 affects specific versions of the Linux kernel that implement the virtuser device through configfs.

What is the impact of CVE-2025-21661?

The impact of CVE-2025-21661 is that a failed probe due to an incorrect lookup table prevents subsequent probes from being executed.

When was CVE-2025-21661 discovered?

CVE-2025-21661 was discovered and resolved in the Linux kernel as part of the ongoing security updates.

Vulnerability/
CVE-2025-21661

EPSS

0.043%

21/1/2025

CVE-2025-21661: gpio: virtuser: fix missing lookup table cleanups

First published: Tue Jan 21 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from succeeding, even if the issue is corrected, unless the device is released. Additionally, cleanup is also needed in the less likely case of platform_device_register_full() failure. Besides, a consistent memory leak in lookup_table->dev_id was spotted using kmemleak by toggling the live state between 0 and 1 with a correct lookup table. Introduce gpio_virtuser_remove_lookup_table() as the counterpart to the existing gpio_virtuser_make_lookup_table() and call it from all necessary points to ensure proper cleanup.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-21661?
CVE-2025-21661 is classified as a medium severity vulnerability in the Linux kernel.
How do I fix CVE-2025-21661?
The fix for CVE-2025-21661 involves applying the latest patch provided by the Linux kernel maintainers.
Which versions of Linux are affected by CVE-2025-21661?
CVE-2025-21661 affects specific versions of the Linux kernel that implement the virtuser device through configfs.
What is the impact of CVE-2025-21661?
The impact of CVE-2025-21661 is that a failed probe due to an incorrect lookup table prevents subsequent probes from being executed.
When was CVE-2025-21661 discovered?
CVE-2025-21661 was discovered and resolved in the Linux kernel as part of the ongoing security updates.

collector/mitre-cve
source/MITRE
agent/references
agent/title
agent/first-publish-date
agent/description
agent/type
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/event
agent/softwarecombine
agent/source
agent/tags
collector/epss-latest
source/FIRST
agent/epss
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.