AZL-60352

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60352.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-60352

Upstream

CVE-2025-21908

Published

2025-04-01T16:15:21Z

Modified

2026-04-01T05:19:37.084391Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2025-21908 affecting package kernel for versions less than 6.6.85.1-2

Details

In the Linux kernel, the following vulnerability has been resolved:

NFS: fix nfsreleasefolio() to not deadlock via kcompactd writeback

Add PFKCOMPACTD flag and currentiskcompactd() helper to check for it so nfsreleasefolio() can skip calling nfswb_folio() from kcompactd.

Otherwise NFS can deadlock waiting for kcompactd enduced writeback which recurses back to NFS (which triggers writeback to NFSD via NFS loopback mount on the same host, NFSD blocks waiting for XFS's call to __filemapgetfolio):

6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.

{--- [58] "kcompactd0" [<0>] foliowaitbit+0xe8/0x200 [<0>] foliowaitwriteback+0x2b/0x80 [<0>] nfswbfolio+0x80/0x1b0 [nfs] [<0>] nfsreleasefolio+0x68/0x130 [nfs] [<0>] splithugepagetolisttoorder+0x362/0x840 [<0>] migratepagesbatch+0x43d/0xb90 [<0>] migratepagessync+0x9a/0x240 [<0>] migratepages+0x93c/0x9f0 [<0>] compactzone+0x8e2/0x1030 [<0>] compactnode+0xdb/0x120 [<0>] kcompactd+0x121/0x2e0 [<0>] kthread+0xcf/0x100 [<0>] retfromfork+0x31/0x40 [<0>] retfromforkasm+0x1a/0x30 ---}

[akpm@linux-foundation.org: fix build]

References

https://nvd.nist.gov/vuln/detail/CVE-2025-21908

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.85.1-2

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60352.json"