AZL-56800

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-56800.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-56800

Upstream

CVE-2025-21694

Published

2025-02-12T14:15:32Z

Modified

2026-04-01T05:18:58.660954Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2025-21694 affecting package kernel for versions less than 5.15.180.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

fs/proc: fix softlockup in _readvmcore (part 2)

Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the number of softlockups in _readvmcore at kdump time have gone down, but they still happen sometimes.

In a memory constrained environment like the kdump image, a softlockup is not just a harmless message, but it can interfere with things like RCU freeing memory, causing the crashdump to get stuck.

The second loop in _readvmcore has a lot more opportunities for natural sleep points, like scheduling out while waiting for a data write to happen, but apparently that is not always enough.

Add a cond_resched() to the second loop in _readvmcore to (hopefully) get rid of the softlockups.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-21694

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.180.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-56800.json"