CVE-2025-21777

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel's ring-buffer has been identified. The issue arises from the lack of validation for duplicate entries in the meta data subbuf array, which contains indexes of all subbuffers. This array is used to create the ring buffer link list. If duplicates are present, particularly on the writer side, it could lead to corruption of the ring buffer link list and potentially cause a kernel crash. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve this issue, apply the patch that introduces a bitmask array to track unique subbuffer entries. Specifically, create a bitmask array with the size of the number of subbuffers, clear it, and then use it to check for duplicates while walking through the subbuf array. If a duplicate entry is found, fail the validation. Otherwise, set the corresponding bit in the bitmask array for each valid entry. At the moment, there is no information about a newer version that contains a fix for this vulnerability.