PT-2025-13209 · Linux+5 · Linux Kernel+5

Published

2025-02-26

·

Updated

2026-05-26

·

CVE-2025-21872

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability in the Linux kernel has been resolved, related to the validation of the mokvar table. The issue occurs when the table grows over a certain size, causing a failure and traceback due to limitations of early memmap(). The problem arises from mapping the entire table on each iteration of the loop, which is unnecessary. The changes made to efi mokvar table init() now only map each entry header, not the entire table, when determining the table size. This also enforces that each variable name is NUL terminated.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Infinite Loop

Weakness Enumeration

CWE-835

Related Identifiers

AZL-69491
BDU:2025-03744
CVE-2025-21872
DLA-4178-1
ECHO-79A4-900B-671E
OESA-2025-1625
OESA-2025-1629
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7764-1
USN-7764-2
USN-7765-1
USN-7766-1
USN-7767-1
USN-7767-2
USN-7779-1
USN-7790-1
USN-7800-1
USN-7801-1
USN-7801-2
USN-7801-3
USN-7802-1
USN-7809-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu