PT-2025-13217 · Linux+4 · Linux Kernel+4

Published

2025-02-21

Updated

2026-04-20

CVE-2025-21880

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the handling of EFAULT errors in the Linux kernel, specifically in the drm/xe/userptr module. Currently, EFAULT errors from hmm range fault() are treated as non-fatal when called from xe vm userptr pin(), with the assumption that the user has unmapped the memory or has no intention of accessing it from the GPU. However, it is possible for the userptr vma to still be on the rebind list in preempt rebind work func() if the pin fails and needs to be retried, leading to a fatal error. This explains an internal user report of hitting a warning message.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

BDU:2025-03678

CVE-2025-21880

SUSE-SU-2025:02254-1

SUSE-SU-2025:02307-1

SUSE-SU-2025:02333-1

SUSE-SU-2025_02254-1

SUSE-SU-2025_02307-1

SUSE-SU-2025_02333-1

USN-7764-1

USN-7764-2

USN-7765-1

USN-7766-1

USN-7767-1

USN-7767-2

USN-7779-1

USN-7790-1

USN-7800-1

USN-7801-1

USN-7801-2

USN-7801-3

USN-7802-1

USN-7809-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2025-13217 · Linux+4 · Linux Kernel+4

CVE-2025-21880

Weakness Enumeration

Related Identifiers

Affected Products

References · 730