Use After Free in kernel-devel-matched | CVE-2025-21655

Threat Intelligence

0.02% (5^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Use After Free vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-ALMALINUX10-KERNELDEVELMATCHED-14118294
published26 Nov 2025
disclosed11 Nov 2025

Report a new vulnerability Found a mistake?

Introduced: 11 Nov 2025

CVE-2025-21655 (opens in a new tab) CWE-416 (opens in a new tab)

Amendment

The AlmaLinux security team deemed this advisory irrelevant for AlmaLinux:10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-devel-matched package and not the kernel-devel-matched package as distributed by AlmaLinux.

In the Linux kernel, the following vulnerability has been resolved:

io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period

io_eventfd_do_signal() is invoked from an RCU callback, but when dropping the reference to the io_ev_fd, it calls io_eventfd_free() directly if the refcount drops to zero. This isn't correct, as any potential freeing of the io_ev_fd should be deferred another RCU grace period.

Just call io_eventfd_put() rather than open-code the dec-and-test and free, which will correctly defer it another RCU grace period.

Use After Free The advisory has been revoked - it doesn't affect any version of package kernel-devel-matched (opens in a new tab)