PT-2025-14367 · Linux+5 · Linux Kernel+5

Published 2025-03-05 · Updated 2026-05-26 · CVE-2025-21986

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to the fixed version

Description

A vulnerability in the Linux kernel's switchdev notification chain has been resolved. The issue involved a blocking notification chain that used a read-write semaphore to protect the chain's integrity. However, recursive notifications were possible, leading to the semaphore being acquired twice for reading and generating lockdep warnings. This could happen when the bridge driver processed a SWITCHDEV_BRPORT_UNOFFLOADED event, causing it to emit notifications about deferred events. The fix converted the notification chain to a raw notification chain, protecting it using the RTNL mutex.

Recommendations

For Linux kernel versions prior to the fixed version, consider applying the patch that converts the blocking notification chain to a raw notification chain to resolve the issue. As a temporary workaround, consider restricting access to the switchdev notification chain to minimize the risk of exploitation.

Exploit

Fix

DoS

Improper Locking

Weakness Enumeration

Related Identifiers

BDU:2025-12346
CVE-2025-21986
DLA-4193-1
DSA-5900-1
ECHO-3E84-BFB4-B772
MGASA-2025-0142
MGASA-2025-0146
OESA-2026-2417
OESA-2026-2418
USN-7605-1
USN-7605-2
USN-7606-1
USN-7628-1
USN-7764-1
USN-7764-2
USN-7765-1
USN-7766-1
USN-7767-1
USN-7767-2
USN-7779-1
USN-7790-1
USN-7800-1
USN-7801-1
USN-7801-2
USN-7801-3
USN-7802-1
USN-7809-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Ubuntu