PT-2025-8858 · Linux+6 · Linux Kernel+6

Takashi Iwai

Published

2025-01-17

Updated

2026-04-20

CVE-2025-21746

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A crash issue has been identified in the Linux kernel related to the synaptics input driver. When enabling a pass-through port, an interrupt may occur before the psmouse driver binds to the port. The synaptics sub-driver attempts to access the psmouse instance associated with the pass-through port, which may cause a crash if the psmouse instance has not been attached to the port yet. This issue is resolved by introducing open and close methods for the port and checking if the port is open before accessing the psmouse instance.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Time Of Check To Time Of Use

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-367CWE-404

Related Identifiers

ALSA-2025:20518

BDU:2025-11806

CVE-2025-21746

INFSA-2025_20518

OESA-2025-1446

OESA-2025-1450

RHSA-2025:20518

RHSA-2025_20518

USN-7521-1

USN-7521-2

USN-7521-3

USN-7703-1

USN-7703-2

USN-7703-3

USN-7703-4

USN-7719-1

USN-7737-1

Affected Products

Almalinux

Astra Linux

Linuxmint

Linux Kernel

Red Hat

Rocky Linux

Ubuntu

PT-2025-8858 · Linux+6 · Linux Kernel+6

CVE-2025-21746

Weakness Enumeration

Related Identifiers

Affected Products

References · 687