PT-2025-11028 · Linux+7 · Linux Kernel+7
Erhard Furtner · Published 2025-02-12 · Updated 2026-04-20
CVE-2025-21866
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.13
Description:
A vulnerability has been resolved in the Linux kernel related to the powerpc/code-patching infrastructure. The issue was reported by Erhard while booting a PowerMac G4 with a KASAN-enabled kernel 6.13-rc6, resulting in a KASAN hit. The problem occurs because the text patching area is flagged as VM_ALLOC, which is meant for vmalloc() allocated memory. However, the area allocated by text_area_cpu_up() is not vmalloc memory and is mapped directly on demand when needed by map_kernel_page(). The fix involves not flagging the text patching area as VM_ALLOC, allowing the area to be unpoisoned and usable immediately.
Recommendations:
For Linux kernel versions prior to 6.13, update to version 6.13 or later to resolve the issue. As a temporary workaround, consider disabling the text patching infrastructure until a patch is available. Restrict access to the vulnerable area to minimize the risk of exploitation. Avoid using the affected kernel functions until the issue is resolved.
Weakness Enumeration:
Allocation of Resources Without Limits
Affected Products:
ALT Linux
Astra Linux
Debian
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu