PT-2025-9003 · Linux+7 · Linux Kernel+7
Syzbot · Published 2025-01-03 · Updated 2026-05-26 · CVE-2025-21812
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.13.0-rc3
Description
A potential issue has been identified in the Linux kernel's ax25 protocol implementation. Lockdep reported a possible circular locking dependency between rtnl_mutex and sk_lock-AF_AX25 in the ax25_setsockopt function, which could lead to a deadlock. The issue was discovered by syzbot. The suggested fix is to remove the RTNL dependency from ax25_setsockopt, which should also address possible use-after-free (UAF) issues in ax25.
Recommendations
To resolve the issue, update to a version of the Linux kernel that includes the fix for the circular locking dependency in the ax25 protocol, specifically ensuring that the ax25_setsockopt function no longer depends on RTNL.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Use After Free
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu
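The circular locking dependency from the Description, shown as an added user-space model of a lock-order check (not kernel code and not part of the original advisory). The helper names are hypothetical, and the path that takes the socket lock while holding RTNL is an assumption implied by the reported cycle; the advisory does not say which kernel path it is.

```c
#include <stdio.h>
#include <string.h>
enum { RTNL_MUTEX, SK_LOCK_AF_AX25, NLOCKS }; /* lock classes from the description */
static int edge[NLOCKS][NLOCKS]; /* edge[a][b] = 1: b was taken while a was held */
static int held[8], nheld;       /* stack of currently held lock classes */

/* Is 'to' reachable from 'from' along the recorded ordering edges? */
static int reachable(int from, int to, int *seen)
{
    if (from == to) return 1;
    seen[from] = 1;
    for (int n = 0; n < NLOCKS; n++)
        if (edge[from][n] && !seen[n] && reachable(n, to, seen)) return 1;
    return 0;
}

/* Record an acquisition; returns 1 if the new edge closes an ordering cycle. */
static int lock_acquire(int cls)
{
    int bad = 0;
    for (int i = 0; i < nheld; i++) {
        int seen[NLOCKS] = {0};
        bad |= reachable(cls, held[i], seen);
        edge[held[i]][cls] = 1;
    }
    held[nheld++] = cls;
    return bad;
}
static void lock_release(void) { nheld--; }
/* Model both paths; returns 1 if a possible circular dependency is found. */
static int scenario(int setsockopt_takes_rtnl)
{
    int bad = 0;
    memset(edge, 0, sizeof edge); nheld = 0;
    /* Assumed opposite-order path: RTNL held, then the socket lock. */
    bad |= lock_acquire(RTNL_MUTEX);
    bad |= lock_acquire(SK_LOCK_AF_AX25);
    lock_release(); lock_release();
    /* setsockopt path: socket lock first, then (before the fix) RTNL. */
    bad |= lock_acquire(SK_LOCK_AF_AX25);
    if (setsockopt_takes_rtnl) { bad |= lock_acquire(RTNL_MUTEX); lock_release(); }
    lock_release();
    return bad;
}

int main(void)
{
    printf("cycle with RTNL in setsockopt: %d, without: %d\n", scenario(1), scenario(0));
    return 0;
}
```

The cycle is reported from the recorded ordering alone, without the two paths ever running concurrently, which is why a lock-order checker can flag the problem before any deadlock occurs.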