CVE-2025-21712 Affecting kernel-rt-kvm package, versions *
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-RHEL7-KERNELRTKVM-9032787
- published2 Mar 2025
- disclosed27 Feb 2025
Introduced: 27 Feb 2025
NewCVE-2025-21712 (opens in a new tab)How to fix?
There is no fixed version for RHEL:7 kernel-rt-kvm.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-rt-kvm package and not the kernel-rt-kvm package as distributed by RHEL.
See How to fix? for RHEL:7 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime
After commit ec6bb299c7c3 ("md/md-bitmap: add 'sync_size' into struct md_bitmap_stats"), following panic is reported:
Oops: general protection fault, probably for non-canonical address RIP: 0010:bitmap_get_stats+0x2b/0xa0 Call Trace: <TASK> md_seq_show+0x2d2/0x5b0 seq_read_iter+0x2b9/0x470 seq_read+0x12f/0x180 proc_reg_read+0x57/0xb0 vfs_read+0xf6/0x380 ksys_read+0x6c/0xf0 do_syscall_64+0x82/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e
Root cause is that bitmap_get_stats() can be called at anytime if mddev is still there, even if bitmap is destroyed, or not fully initialized. Deferenceing bitmap in this case can crash the kernel. Meanwhile, the above commit start to deferencing bitmap->storage, make the problem easier to trigger.
Fix the problem by protecting bitmap_get_stats() with bitmap_info.mutex.
References
- https://access.redhat.com/security/cve/CVE-2025-21712
- https://git.kernel.org/stable/c/237e19519c8ff6949f0ef57c4a0243f5b2b0fa18
- https://git.kernel.org/stable/c/4e9316eee3885bfb311b4759513f2ccf37891c09
- https://git.kernel.org/stable/c/8d28d0ddb986f56920ac97ae704cc3340a699a30
- https://git.kernel.org/stable/c/52848a095b55a302af92f52ca0de5b3112059bb8