CVE-2025-21733

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A vulnerability in the Linux kernel has been resolved. The issue occurs when the timerlat tracer is started with the osnoise option OSNOISE WORKLOAD disabled, but then the option is enabled and timerlat is removed. The tracepoints that were enabled on timerlat registration do not get disabled, triggering a warning in the tracepoint code when timerlat is started again. To fix this, a global flag is set when the osnoise option is enabled, and this flag is used to disable the events when timerlat is removed.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. As a temporary workaround, consider disabling the timerlat tracer until a patch is available. Additionally, restrict access to the /sys/kernel/tracing/osnoise/options and /sys/kernel/tracing/current tracer files to minimize the risk of exploitation. Avoid using the OSNOISE WORKLOAD option in the osnoise tracer until the issue is resolved.