What is the severity of CVE-2025-21709?

CVE-2025-21709 has a moderate severity level due to potential unsafe states in the maple tree structure if memory allocation fails.

How do I fix CVE-2025-21709?

Fix CVE-2025-21709 by updating to the latest version of the Linux Kernel where the vulnerability has been resolved.

Who is affected by CVE-2025-21709?

CVE-2025-21709 affects systems running the Linux Kernel, particularly those that may experience memory allocation failure during dup_mmap().

What causes the vulnerability CVE-2025-21709?

CVE-2025-21709 is caused by improper handling of memory allocation failures in the dup_mmap() function, potentially leaving the maple tree in an unsafe state.

Is CVE-2025-21709 a local or remote vulnerability?

CVE-2025-21709 is considered a local vulnerability, as it requires local access to the affected system to exploit.

Vulnerability/
CVE-2025-21709

27/2/2025

24/3/2025

CVE-2025-21709: kernel: be more careful about dup_mmap() failures and uprobe registering

First published: Thu Feb 27 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: kernel: be more careful about dup_mmap() failures and uprobe registering If a memory allocation fails during dup_mmap(), the maple tree can be left in an unsafe state for other iterators besides the exit path. All the locks are dropped before the exit_mmap() call (in mm/mmap.c), but the incomplete mm_struct can be reached through (at least) the rmap finding the vmas which have a pointer back to the mm_struct. Up to this point, there have been no issues with being able to find an mm_struct that was only partially initialised. Syzbot was able to make the incomplete mm_struct fail with recent forking changes, so it has been proven unsafe to use the mm_struct that hasn't been initialised, as referenced in the link below. Although 8ac662f5da19f ("fork: avoid inappropriate uprobe access to invalid mm") fixed the uprobe access, it does not completely remove the race. This patch sets the MMF_OOM_SKIP to avoid the iteration of the vmas on the oom side (even though this is extremely unlikely to be selected as an oom victim in the race window), and sets MMF_UNSTABLE to avoid other potential users from using a partially initialised mm_struct. When registering vmas for uprobe, skip the vmas in an mm that is marked unstable. Modifying a vma in an unstable mm may cause issues if the mm isn't fully initialised.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	<=latest

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-21709?
CVE-2025-21709 has a moderate severity level due to potential unsafe states in the maple tree structure if memory allocation fails.
How do I fix CVE-2025-21709?
Fix CVE-2025-21709 by updating to the latest version of the Linux Kernel where the vulnerability has been resolved.
Who is affected by CVE-2025-21709?
CVE-2025-21709 affects systems running the Linux Kernel, particularly those that may experience memory allocation failure during dup_mmap().
What causes the vulnerability CVE-2025-21709?
CVE-2025-21709 is caused by improper handling of memory allocation failures in the dup_mmap() function, potentially leaving the maple tree in an unsafe state.
Is CVE-2025-21709 a local or remote vulnerability?
CVE-2025-21709 is considered a local vulnerability, as it requires local access to the affected system to exploit.

collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/type
agent/title
agent/last-modified-date
agent/references
agent/author
agent/source
agent/description
agent/event
agent/first-publish-date
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
vendor/linux foundation
canonical/linux kernel