CVE-2025-21661
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-21661
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21661.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21661
- Downstream
- Related
- Published
- 2025-01-21T12:18:16Z
- Modified
- 2025-10-17T20:54:51.388886Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- gpio: virtuser: fix missing lookup table cleanups
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
gpio: virtuser: fix missing lookup table cleanups
When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from succeeding, even if the issue is corrected, unless the device is released. Additionally, cleanup is also needed in the less likely case of platformdeviceregister_full() failure.
Besides, a consistent memory leak in lookuptable->devid was spotted using kmemleak by toggling the live state between 0 and 1 with a correct lookup table.
Introduce gpiovirtuserremovelookuptable() as the counterpart to the existing gpiovirtusermakelookuptable() and call it from all necessary points to ensure proper cleanup.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced91581c4b3f29e2e22aeb1a62e842d529ca638b2dFixedd72d0126b1f6981f6ce8b4247305f359958c11b5
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced91581c4b3f29e2e22aeb1a62e842d529ca638b2dFixeda619cba8c69c434258ff4101d463322cd63e1bdc
Affected versions
v6.*
v6.10
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"id": "CVE-2025-21661-0a090255",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-virtuser.c",
"function": "gpio_virtuser_device_activate"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d72d0126b1f6981f6ce8b4247305f359958c11b5",
"signature_version": "v1",
"digest": {
"length": 981.0,
"function_hash": "52801295891002060022832947566676613553"
}
},
{
"signature_type": "Function",
"id": "CVE-2025-21661-18ef7d4b",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-virtuser.c",
"function": "gpio_virtuser_device_activate"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a619cba8c69c434258ff4101d463322cd63e1bdc",
"signature_version": "v1",
"digest": {
"length": 981.0,
"function_hash": "52801295891002060022832947566676613553"
}
},
{
"signature_type": "Function",
"id": "CVE-2025-21661-6f94e0c7",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-virtuser.c",
"function": "gpio_virtuser_device_deactivate"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d72d0126b1f6981f6ce8b4247305f359958c11b5",
"signature_version": "v1",
"digest": {
"length": 279.0,
"function_hash": "314218117721334079699619164283991703706"
}
},
{
"signature_type": "Line",
"id": "CVE-2025-21661-b2a2ef63",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-virtuser.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a619cba8c69c434258ff4101d463322cd63e1bdc",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"129409509988913714899154496851272144490",
"282029019040583437638353187419394302096",
"251980687773715873582211211854382912928",
"80817897430483663161175109444861537536",
"6448886853384672729778139454668672745",
"340094816719346485879522172752599288103",
"210235983482802272764117169315952363808",
"31641045423850790220314876181535475570",
"237718817363352530031566908427262041656",
"306929579091220109470076128868521964153",
"192433375652601439554772846155844796416",
"254330668645899863073040674644576457150",
"296385917446086597892447639759719999051",
"206658833851112947003212887549940063958",
"155551000056391521029979004274020220266",
"113234002442890241752548605188998811318",
"5353375704206323705853685691618304970",
"268978073675556292330523106566747153071",
"168442195979677644802823284876068202100",
"125296609063575654487302475762049646160",
"294413872599232558434816653425174838982",
"173314717797485804914919235774135486242",
"53535000505581762695462443931471799108",
"288258063455943507972809524624659344175",
"140275521492729350893455107286648685597",
"43675225440751718125322955098411223167",
"5502468654858964338501625680065075588",
"48495547522149150771648687017442311613",
"93973182459224767496355372268948987539",
"45556856655412287015015207854460382343",
"334120473561314800329791495562525451312",
"321950439414488173282374570432097338853",
"96732715748447512299798468759862884466",
"232017976441043069830387613718724012428",
"191332504088099555188088392519495538563"
]
}
},
{
"signature_type": "Line",
"id": "CVE-2025-21661-e0b0922d",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-virtuser.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d72d0126b1f6981f6ce8b4247305f359958c11b5",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"129409509988913714899154496851272144490",
"282029019040583437638353187419394302096",
"251980687773715873582211211854382912928",
"80817897430483663161175109444861537536",
"6448886853384672729778139454668672745",
"340094816719346485879522172752599288103",
"210235983482802272764117169315952363808",
"31641045423850790220314876181535475570",
"237718817363352530031566908427262041656",
"306929579091220109470076128868521964153",
"192433375652601439554772846155844796416",
"254330668645899863073040674644576457150",
"296385917446086597892447639759719999051",
"206658833851112947003212887549940063958",
"155551000056391521029979004274020220266",
"113234002442890241752548605188998811318",
"5353375704206323705853685691618304970",
"268978073675556292330523106566747153071",
"168442195979677644802823284876068202100",
"125296609063575654487302475762049646160",
"294413872599232558434816653425174838982",
"173314717797485804914919235774135486242",
"53535000505581762695462443931471799108",
"288258063455943507972809524624659344175",
"140275521492729350893455107286648685597",
"43675225440751718125322955098411223167",
"5502468654858964338501625680065075588",
"48495547522149150771648687017442311613",
"93973182459224767496355372268948987539",
"45556856655412287015015207854460382343",
"334120473561314800329791495562525451312",
"321950439414488173282374570432097338853",
"96732715748447512299798468759862884466",
"232017976441043069830387613718724012428",
"191332504088099555188088392519495538563"
]
}
},
{
"signature_type": "Function",
"id": "CVE-2025-21661-ef93b438",
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-virtuser.c",
"function": "gpio_virtuser_device_deactivate"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a619cba8c69c434258ff4101d463322cd63e1bdc",
"signature_version": "v1",
"digest": {
"length": 279.0,
"function_hash": "314218117721334079699619164283991703706"
}
}
]