N/A - CVE-2025-21875

Executive Summary

Informations
Name	CVE-2025-21875	First vendor Publication	2025-03-27
Vendor	Cve	Last vendor Modification	2025-03-27

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	N/A	Attack Range	N/A
Cvss Impact Score	N/A	Attack Complexity	N/A
Cvss Expoit Score	N/A	Authentication	N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

mptcp: always handle address removal under msk socket lock

Syzkaller reported a lockdep splat in the PM control path:

WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]
WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]
WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788
Modules linked in:
CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]
RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]
RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788
Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 <0f> 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff
RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283
RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000
RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408
RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000
R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0
R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00
FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:

mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59
mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486
mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]
mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629
genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]
genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210
netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543
genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]
netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348
netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892
sock_sendmsg_nosec net/socket.c:718 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:733
____sys_sendmsg+0x53a/0x860 net/socket.c:2573
___sys_sendmsg net/socket.c:2627 [inline]
__sys_sendmsg+0x269/0x350 net/socket.c:2659
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f7e9998cde9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9
RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007
RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088

Indeed the PM can try to send a RM_ADDR over a msk without acquiring first the msk socket lock.

The bugged code-path comes from an early optimization: when there are no subflows, the PM should (usually) not send RM_ADDR notifications.

The above statement is incorrect, as without locks another process could concur ---truncated---

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21875

Sources (Detail)

https://git.kernel.org/stable/c/2c3de6dff4373f1036e003f49a32629359530bdb
https://git.kernel.org/stable/c/4124b782ec2b1e2e490cf0bbf10f53dfd3479890
https://git.kernel.org/stable/c/494ec285535632732eaa5786297a9ae4f731b5ff
https://git.kernel.org/stable/c/7cca31035c05819643ffb5d7518e9a331b3f6651
https://git.kernel.org/stable/c/8116fb4acd5d3f06cd37f84887dbe962b6703b1c
https://git.kernel.org/stable/c/a05da2be18aae7e82572f8d795f41bb49f5dfc7d
https://git.kernel.org/stable/c/f865c24bc55158313d5779fc81116023a6940ca3

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2025-05-26 14:43:13	Multiple Updates
2025-05-26 14:42:59	Multiple Updates
2025-05-26 03:14:50	Multiple Updates
2025-05-26 03:14:37	Multiple Updates
2025-05-25 15:06:45	Multiple Updates
2025-05-25 15:06:32	Multiple Updates
2025-05-25 03:15:07	Multiple Updates
2025-05-25 03:14:53	Multiple Updates
2025-05-24 14:15:57	Multiple Updates
2025-05-24 14:15:44	Multiple Updates
2025-05-24 03:14:45	Multiple Updates
2025-05-24 03:14:31	Multiple Updates
2025-05-23 14:14:41	Multiple Updates
2025-05-23 14:14:27	Multiple Updates
2025-05-23 04:21:58	Multiple Updates
2025-05-23 04:21:44	Multiple Updates
2025-05-22 14:14:49	Multiple Updates
2025-05-22 14:14:35	Multiple Updates
2025-05-22 05:11:16	Multiple Updates
2025-05-22 05:11:02	Multiple Updates
2025-05-21 14:45:00	Multiple Updates
2025-05-21 14:44:46	Multiple Updates
2025-05-21 03:15:09	Multiple Updates
2025-05-21 03:14:55	Multiple Updates
2025-05-20 14:16:11	Multiple Updates
2025-05-20 14:15:58	Multiple Updates
2025-05-20 05:45:08	Multiple Updates
2025-05-20 05:44:54	Multiple Updates
2025-05-19 14:15:23	Multiple Updates
2025-05-19 14:15:09	Multiple Updates
2025-05-19 06:29:24	Multiple Updates
2025-05-19 06:29:09	Multiple Updates
2025-05-18 14:15:38	Multiple Updates
2025-05-18 14:15:25	Multiple Updates
2025-05-18 03:20:28	Multiple Updates
2025-05-18 03:20:14	Multiple Updates
2025-05-17 14:15:41	Multiple Updates
2025-05-17 14:15:27	Multiple Updates
2025-05-17 07:13:09	Multiple Updates
2025-05-17 07:12:55	Multiple Updates
2025-05-16 15:27:08	Multiple Updates
2025-05-16 15:26:53	Multiple Updates
2025-05-16 07:20:14	Multiple Updates
2025-05-16 07:19:59	Multiple Updates
2025-05-15 15:03:49	Multiple Updates
2025-05-15 15:03:28	Multiple Updates
2025-05-15 04:58:27	Multiple Updates
2025-05-15 04:58:13	Multiple Updates
2025-05-14 15:34:04	Multiple Updates
2025-05-14 15:33:40	Multiple Updates
2025-05-14 04:46:59	Multiple Updates
2025-05-14 04:46:45	Multiple Updates
2025-05-13 14:16:17	Multiple Updates
2025-05-13 14:16:03	Multiple Updates
2025-05-13 05:17:28	Multiple Updates
2025-05-13 05:17:11	Multiple Updates
2025-05-12 14:21:14	Multiple Updates
2025-05-12 14:21:00	Multiple Updates
2025-05-12 04:28:32	Multiple Updates
2025-05-12 04:28:16	Multiple Updates
2025-05-11 14:18:06	Multiple Updates
2025-05-11 14:17:51	Multiple Updates
2025-05-11 04:20:26	Multiple Updates
2025-05-11 04:20:12	Multiple Updates
2025-05-10 14:17:47	Multiple Updates
2025-05-10 14:17:29	Multiple Updates
2025-05-10 04:54:10	Multiple Updates
2025-05-10 04:53:56	Multiple Updates
2025-05-09 14:17:02	Multiple Updates
2025-05-09 14:16:48	Multiple Updates
2025-05-09 04:17:56	Multiple Updates
2025-05-09 04:17:41	Multiple Updates
2025-05-08 14:23:28	Multiple Updates
2025-05-08 14:23:14	Multiple Updates
2025-05-08 04:35:04	Multiple Updates
2025-05-08 04:34:50	Multiple Updates
2025-05-07 14:24:59	Multiple Updates
2025-05-07 14:24:42	Multiple Updates
2025-05-07 04:23:55	Multiple Updates
2025-05-07 04:23:40	Multiple Updates
2025-05-06 14:22:03	Multiple Updates
2025-05-06 14:21:50	Multiple Updates
2025-05-06 04:22:25	Multiple Updates
2025-05-06 04:22:11	Multiple Updates
2025-05-05 14:15:59	Multiple Updates
2025-05-05 14:15:45	Multiple Updates
2025-05-05 04:35:17	Multiple Updates
2025-05-05 04:35:03	Multiple Updates
2025-05-04 14:20:10	Multiple Updates
2025-05-04 14:19:56	Multiple Updates
2025-05-04 04:43:37	Multiple Updates
2025-05-04 04:43:23	Multiple Updates
2025-05-03 14:23:49	Multiple Updates
2025-05-03 14:23:35	Multiple Updates
2025-05-03 04:35:50	Multiple Updates
2025-05-03 04:35:36	Multiple Updates
2025-05-02 14:24:19	Multiple Updates
2025-05-02 14:24:02	Multiple Updates
2025-05-02 04:11:08	Multiple Updates
2025-05-02 04:10:54	Multiple Updates
2025-05-01 14:23:18	Multiple Updates
2025-05-01 14:23:02	Multiple Updates
2025-05-01 05:03:11	Multiple Updates
2025-05-01 05:02:57	Multiple Updates
2025-04-30 14:22:47	Multiple Updates
2025-04-30 14:22:32	Multiple Updates
2025-04-30 05:06:56	Multiple Updates
2025-04-30 05:06:42	Multiple Updates
2025-04-29 14:28:10	Multiple Updates
2025-04-29 14:27:56	Multiple Updates
2025-04-29 05:18:37	Multiple Updates
2025-04-29 05:18:21	Multiple Updates
2025-04-28 14:26:56	Multiple Updates
2025-04-28 14:26:41	Multiple Updates
2025-04-28 05:23:56	Multiple Updates
2025-04-28 05:23:38	Multiple Updates
2025-04-27 14:18:11	Multiple Updates
2025-04-27 14:17:57	Multiple Updates
2025-04-27 06:15:45	Multiple Updates
2025-04-27 06:15:31	Multiple Updates
2025-04-26 14:15:27	Multiple Updates
2025-04-26 14:15:13	Multiple Updates
2025-04-26 06:48:32	Multiple Updates
2025-04-26 06:48:16	Multiple Updates
2025-04-25 14:17:05	Multiple Updates
2025-04-25 14:16:52	Multiple Updates
2025-04-25 05:20:28	Multiple Updates
2025-04-25 05:20:12	Multiple Updates
2025-04-24 14:25:02	Multiple Updates
2025-04-24 14:24:49	Multiple Updates
2025-04-24 05:46:41	Multiple Updates
2025-04-24 05:46:26	Multiple Updates
2025-04-23 14:17:21	Multiple Updates
2025-04-23 14:17:07	Multiple Updates
2025-04-23 06:05:11	Multiple Updates
2025-04-23 06:04:57	Multiple Updates
2025-04-22 14:17:20	Multiple Updates
2025-04-22 14:17:06	Multiple Updates
2025-04-22 06:49:56	Multiple Updates
2025-04-22 06:49:41	Multiple Updates
2025-04-21 14:16:51	Multiple Updates
2025-04-21 14:16:37	Multiple Updates
2025-04-21 05:53:06	Multiple Updates
2025-04-21 05:52:40	Multiple Updates
2025-04-20 14:17:25	Multiple Updates
2025-04-20 14:17:11	Multiple Updates
2025-04-20 07:31:08	Multiple Updates
2025-04-20 07:30:49	Multiple Updates
2025-04-19 14:17:42	Multiple Updates
2025-04-19 14:17:27	Multiple Updates
2025-04-19 06:17:29	Multiple Updates
2025-04-19 06:17:15	Multiple Updates
2025-04-18 16:36:05	Multiple Updates
2025-04-18 16:35:52	Multiple Updates
2025-04-18 03:17:53	Multiple Updates
2025-04-18 03:17:37	Multiple Updates
2025-04-17 14:17:17	Multiple Updates
2025-04-17 14:17:03	Multiple Updates
2025-04-17 06:47:43	Multiple Updates
2025-04-17 06:47:26	Multiple Updates
2025-04-16 14:22:57	Multiple Updates
2025-04-16 14:22:43	Multiple Updates
2025-04-16 07:05:38	Multiple Updates
2025-04-16 07:05:23	Multiple Updates
2025-04-15 14:18:48	Multiple Updates
2025-04-15 14:18:33	Multiple Updates
2025-04-15 05:10:11	Multiple Updates
2025-04-15 05:09:57	Multiple Updates
2025-04-14 15:57:27	Multiple Updates
2025-04-14 15:57:14	Multiple Updates
2025-04-14 04:56:53	Multiple Updates
2025-04-14 04:56:05	Multiple Updates
2025-04-13 15:25:10	Multiple Updates
2025-04-13 15:24:56	Multiple Updates
2025-04-13 03:26:21	Multiple Updates
2025-04-13 03:26:06	Multiple Updates
2025-04-12 14:17:24	Multiple Updates
2025-04-12 14:17:11	Multiple Updates
2025-04-12 04:33:23	Multiple Updates
2025-04-12 04:32:58	Multiple Updates
2025-04-11 14:45:03	Multiple Updates
2025-04-11 14:44:49	Multiple Updates
2025-04-11 03:25:15	Multiple Updates
2025-04-11 03:25:01	Multiple Updates
2025-04-10 14:19:48	Multiple Updates
2025-04-10 14:19:34	Multiple Updates
2025-04-10 03:35:25	Multiple Updates
2025-04-10 03:35:09	Multiple Updates
2025-04-09 14:19:35	Multiple Updates
2025-04-09 14:19:21	Multiple Updates
2025-04-09 03:20:46	Multiple Updates
2025-04-09 03:20:31	Multiple Updates
2025-04-08 14:16:11	Multiple Updates
2025-04-08 14:15:58	Multiple Updates
2025-04-08 03:22:07	Multiple Updates
2025-04-08 03:21:53	Multiple Updates
2025-04-07 14:15:29	Multiple Updates
2025-04-07 14:15:15	Multiple Updates
2025-04-07 03:16:16	Multiple Updates
2025-04-07 03:16:02	Multiple Updates
2025-04-06 14:15:20	Multiple Updates
2025-04-06 14:15:06	Multiple Updates
2025-04-06 03:17:39	Multiple Updates
2025-04-06 03:17:25	Multiple Updates
2025-04-05 14:18:49	Multiple Updates
2025-04-05 14:18:35	Multiple Updates
2025-04-05 03:22:35	Multiple Updates
2025-04-05 03:22:21	Multiple Updates
2025-04-04 14:16:56	Multiple Updates
2025-04-04 14:16:42	Multiple Updates
2025-04-04 03:15:49	Multiple Updates
2025-04-04 03:15:35	Multiple Updates
2025-04-03 15:09:52	Multiple Updates
2025-04-03 15:09:32	Multiple Updates
2025-04-03 03:14:52	Multiple Updates
2025-04-03 03:14:38	Multiple Updates
2025-04-02 14:15:32	Multiple Updates
2025-04-02 14:15:19	Multiple Updates
2025-04-02 03:15:44	Multiple Updates
2025-04-02 03:15:30	Multiple Updates
2025-04-01 14:15:21	Multiple Updates
2025-04-01 14:15:07	Multiple Updates
2025-03-31 17:20:34	Multiple Updates
2025-03-27 17:20:57	First insertion