PT-2025-9000 · Linux+3 · Linux Kernel+3
Published: 2025-01-23 · Updated: 2026-04-20
CVE-2025-21809
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.13.0-rc5-build2+ #1223
Description
A vulnerability has been identified in the Linux kernel's rxrpc and afs modules. The issue arises from the use of plain spinlocks for rxnet->peer_hash_lock, which can lead to a deadlock when the RCU cleanup is called from BH context. When an rxrpc peer object runs out of references, it is removed from the peer hash table, which requires taking that spinlock. A deadlock is possible if the BH-based RCU cleanup happens while the hash spinlock is held. The code involved is the rxrpc_put_peer() function and the rxnet->peer_hash_lock spinlock.
Recommendations
To resolve this issue, update the Linux kernel to a version that includes the fix, which changes the spinlocks of rxnet->peer_hash_lock back to BH-disabling locks.
Note: The provided information does not specify the exact version that includes the fix, only that the issue is present in versions prior to 6.13.0-rc5-build2+ #1223.
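The locking pattern from the description and the effect of the fix, as an added userspace model in C (not kernel code, and not taken from the advisory or the kernel source). The struct and function names are hypothetical; spin_lock() and spin_lock_bh(), named in the comments, are the real kernel primitives being modelled.

```c
/* Userspace model of a softirq-safety check on one lock; names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>

enum ctx { CTX_PROCESS, CTX_SOFTIRQ };

struct cpu_state { enum ctx ctx; bool bh_disabled; };

struct model_lock {
    const char *name;
    bool used_in_softirq;      /* acquired while running in BH context */
    bool held_with_bh_enabled; /* acquired in process context with BH enabled */
};

/* Record one acquisition. Returns true once the lock has been seen both in
 * BH context and in process context with BH enabled: a softirq can then
 * interrupt the holder on the same CPU and spin on the lock forever. */
static bool model_acquire(struct model_lock *l, const struct cpu_state *cpu)
{
    if (cpu->ctx == CTX_SOFTIRQ)
        l->used_in_softirq = true;
    else if (!cpu->bh_disabled)
        l->held_with_bh_enabled = true;
    return l->used_in_softirq && l->held_with_bh_enabled;
}

/* Replay the two paths that drop the last peer reference.
 * use_bh_lock == false models spin_lock(); true models spin_lock_bh(). */
bool peer_hash_lock_can_deadlock(bool use_bh_lock)
{
    struct model_lock lock = { "peer_hash_lock", false, false };
    struct cpu_state cpu;
    bool bad = false;

    /* Path 1: last reference dropped from process context. */
    cpu = (struct cpu_state){ CTX_PROCESS, use_bh_lock };
    bad |= model_acquire(&lock, &cpu);

    /* Path 2: last reference dropped from RCU cleanup running in BH context. */
    cpu = (struct cpu_state){ CTX_SOFTIRQ, true };
    bad |= model_acquire(&lock, &cpu);
    return bad;
}

int main(void)
{
    printf("spin_lock:    deadlock possible = %d\n", peer_hash_lock_can_deadlock(false));
    printf("spin_lock_bh: deadlock possible = %d\n", peer_hash_lock_can_deadlock(true));
    return 0;
}
```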
Exploit
Fix
Improper Locking
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Ubuntu