VULNERABILITY

Ubuntu: (Multiple Advisories) (CVE-2025-21722): Linux kernel vulnerabilities

Try Surface Command Get a continuous 360° view of your attack surface
Back to Search

Ubuntu: (Multiple Advisories) (CVE-2025-21722): Linux kernel vulnerabilities

Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
02/27/2025
Created
05/21/2025
Added
05/20/2025
Modified
05/22/2025

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not force clear folio if buffer is referenced Patch series "nilfs2: protect busy buffer heads from being force-cleared". This series fixes the buffer head state inconsistency issues reported by syzbot that occurs when the filesystem is corrupted and falls back to read-only, and the associated buffer head use-after-free issue. This patch (of 2): Syzbot has reported that after nilfs2 detects filesystem corruption and falls back to read-only, inconsistencies in the buffer state may occur. One of the inconsistencies is that when nilfs2 calls mark_buffer_dirty() to set a data or metadata buffer as dirty, but it detects that the buffer is not in the uptodate state: WARNING: CPU: 0 PID: 6049 at fs/buffer.c:1177 mark_buffer_dirty+0x2e5/0x520 fs/buffer.c:1177 ... Call Trace: <TASK> nilfs_palloc_commit_alloc_entry+0x4b/0x160 fs/nilfs2/alloc.c:598 nilfs_ifile_create_inode+0x1dd/0x3a0 fs/nilfs2/ifile.c:73 nilfs_new_inode+0x254/0x830 fs/nilfs2/inode.c:344 nilfs_mkdir+0x10d/0x340 fs/nilfs2/namei.c:218 vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257 do_mkdirat+0x264/0x3a0 fs/namei.c:4280 __do_sys_mkdirat fs/namei.c:4295 [inline] __se_sys_mkdirat fs/namei.c:4293 [inline] __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f The other is when nilfs_btree_propagate(), which propagates the dirty state to the ancestor nodes of a b-tree that point to a dirty buffer, detects that the origin buffer is not dirty, even though it should be: WARNING: CPU: 0 PID: 5245 at fs/nilfs2/btree.c:2089 nilfs_btree_propagate+0xc79/0xdf0 fs/nilfs2/btree.c:2089 ... Call Trace: <TASK> nilfs_bmap_propagate+0x75/0x120 fs/nilfs2/bmap.c:345 nilfs_collect_file_data+0x4d/0xd0 fs/nilfs2/segment.c:587 nilfs_segctor_apply_buffers+0x184/0x340 fs/nilfs2/segment.c:1006 nilfs_segctor_scan_file+0x28c/0xa50 fs/nilfs2/segment.c:1045 nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1216 [inline] nilfs_segctor_collect fs/nilfs2/segment.c:1540 [inline] nilfs_segctor_do_construct+0x1c28/0x6b90 fs/nilfs2/segment.c:2115 nilfs_segctor_construct+0x181/0x6b0 fs/nilfs2/segment.c:2479 nilfs_segctor_thread_construct fs/nilfs2/segment.c:2587 [inline] nilfs_segctor_thread+0x69e/0xe80 fs/nilfs2/segment.c:2701 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> Both of these issues are caused by the callbacks that handle the page/folio write requests, forcibly clear various states, including the working state of the buffers they hold, at unexpected times when they detect read-only fallback. Fix these issues by checking if the buffer is referenced before clearing the page/folio state, and skipping the clear if it is.

Solution(s)

  • ubuntu-upgrade-linux-image-5-15-0-1037-nvidia-tegra
  • ubuntu-upgrade-linux-image-5-15-0-1037-nvidia-tegra-rt
  • ubuntu-upgrade-linux-image-5-15-0-1066-gkeop
  • ubuntu-upgrade-linux-image-5-15-0-1076-ibm
  • ubuntu-upgrade-linux-image-5-15-0-1077-intel-iot-realtime
  • ubuntu-upgrade-linux-image-5-15-0-1078-nvidia
  • ubuntu-upgrade-linux-image-5-15-0-1078-nvidia-lowlatency
  • ubuntu-upgrade-linux-image-5-15-0-1079-intel-iotg
  • ubuntu-upgrade-linux-image-5-15-0-1080-kvm
  • ubuntu-upgrade-linux-image-5-15-0-1081-gke
  • ubuntu-upgrade-linux-image-5-15-0-1081-oracle
  • ubuntu-upgrade-linux-image-5-15-0-1083-gcp
  • ubuntu-upgrade-linux-image-5-15-0-1083-gcp-fips
  • ubuntu-upgrade-linux-image-5-15-0-1084-realtime
  • ubuntu-upgrade-linux-image-5-15-0-1089-azure
  • ubuntu-upgrade-linux-image-5-15-0-1089-azure-fips
  • ubuntu-upgrade-linux-image-5-15-0-140-fips
  • ubuntu-upgrade-linux-image-5-15-0-140-generic
  • ubuntu-upgrade-linux-image-5-15-0-140-generic-64k
  • ubuntu-upgrade-linux-image-5-15-0-140-generic-lpae
  • ubuntu-upgrade-linux-image-5-15-0-140-lowlatency
  • ubuntu-upgrade-linux-image-5-15-0-140-lowlatency-64k
  • ubuntu-upgrade-linux-image-5-4-0-1064-xilinx-zynqmp
  • ubuntu-upgrade-linux-image-5-4-0-1092-ibm
  • ubuntu-upgrade-linux-image-5-4-0-1133-kvm
  • ubuntu-upgrade-linux-image-5-4-0-1144-oracle
  • ubuntu-upgrade-linux-image-5-4-0-1149-gcp
  • ubuntu-upgrade-linux-image-5-4-0-1149-gcp-fips
  • ubuntu-upgrade-linux-image-5-4-0-1151-azure
  • ubuntu-upgrade-linux-image-5-4-0-1151-azure-fips
  • ubuntu-upgrade-linux-image-5-4-0-216-generic
  • ubuntu-upgrade-linux-image-5-4-0-216-generic-lpae
  • ubuntu-upgrade-linux-image-5-4-0-216-lowlatency
  • ubuntu-upgrade-linux-image-azure
  • ubuntu-upgrade-linux-image-azure-cvm
  • ubuntu-upgrade-linux-image-azure-fips
  • ubuntu-upgrade-linux-image-azure-lts-20-04
  • ubuntu-upgrade-linux-image-azure-lts-22-04
  • ubuntu-upgrade-linux-image-fips
  • ubuntu-upgrade-linux-image-gcp
  • ubuntu-upgrade-linux-image-gcp-fips
  • ubuntu-upgrade-linux-image-gcp-lts-20-04
  • ubuntu-upgrade-linux-image-gcp-lts-22-04
  • ubuntu-upgrade-linux-image-generic
  • ubuntu-upgrade-linux-image-generic-64k
  • ubuntu-upgrade-linux-image-generic-lpae
  • ubuntu-upgrade-linux-image-gke
  • ubuntu-upgrade-linux-image-gke-5-15
  • ubuntu-upgrade-linux-image-gkeop
  • ubuntu-upgrade-linux-image-gkeop-5-15
  • ubuntu-upgrade-linux-image-ibm
  • ubuntu-upgrade-linux-image-intel-iot-realtime
  • ubuntu-upgrade-linux-image-intel-iotg
  • ubuntu-upgrade-linux-image-kvm
  • ubuntu-upgrade-linux-image-lowlatency
  • ubuntu-upgrade-linux-image-lowlatency-64k
  • ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
  • ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
  • ubuntu-upgrade-linux-image-nvidia
  • ubuntu-upgrade-linux-image-nvidia-lowlatency
  • ubuntu-upgrade-linux-image-nvidia-tegra
  • ubuntu-upgrade-linux-image-nvidia-tegra-rt
  • ubuntu-upgrade-linux-image-oem
  • ubuntu-upgrade-linux-image-oem-osp1
  • ubuntu-upgrade-linux-image-oracle
  • ubuntu-upgrade-linux-image-oracle-lts-20-04
  • ubuntu-upgrade-linux-image-oracle-lts-22-04
  • ubuntu-upgrade-linux-image-realtime
  • ubuntu-upgrade-linux-image-virtual
  • ubuntu-upgrade-linux-image-xilinx-zynqmp

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;