PT-2025-8792 · Linux+2 · Linux Kernel+2

Liam R. Howlett · Published 2025-02-01 · Updated 2026-04-20 · CVE-2025-21709

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A vulnerability in the Linux kernel has been identified, related to the handling of memory allocation failures during dup_mmap() and uprobe registration. If a memory allocation fails, the maple tree can be left in an unsafe state, allowing access to an incomplete mm_struct through certain paths, such as the rmap finding VMAs with a pointer back to the mm_struct. Although a previous patch fixed uprobe access, it did not completely remove the race condition. The issue has been proven unsafe, as an incomplete mm_struct can fail with recent forking changes. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations

To resolve the issue, apply the patch that sets MMF_OOM_SKIP to avoid iteration of VMAs on the OOM side and sets MMF_UNSTABLE to prevent other potential users from using a partially initialized mm_struct. When registering VMAs for uprobe, skip the VMAs in an mm that is marked unstable, to prevent issues that may arise from modifying a VMA in an unstable mm. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

BDU:2026-03991
CVE-2025-21709
OESA-2025-1446
OESA-2025-1450

Affected Products

Astra Linux
Debian
Linux Kernel