ghsa-hfgc-7c7c-g6r6
Vulnerability from github
Published
2025-02-27 03:34
Modified
2025-03-13 15:32
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: Fix class @block_class's subsystem refcount leakage

blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exit(), so causes the class's subsystem refcount leakage.

Fix by ending the iterating with class_dev_iter_exit().

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-21745"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-27T03:15:15Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
  "id": "GHSA-hfgc-7c7c-g6r6",
  "modified": "2025-03-13T15:32:50Z",
  "published": "2025-02-27T03:34:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21745"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2ce09aabe009453d641a2ceb79e6461a2d4f3876"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/38287f779b34dfe959b4b681e909f2d3d52b88be"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/431b6ef2714be4d5babb802114987541a88b43b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/67c7f213e052b1aa6caba4a7e25e303bc6997126"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/993121481b5a87829f1e8163f47158b72679f309"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d1248436cbef1f924c04255367ff4845ccd9025e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ffb494f1e7a047bd7a41b13796fcfb08fe5beafb"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.