CVE-2025-21761

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-21761
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21761.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21761
Downstream
Related
Published
2025-02-27T02:18:14.054Z
Modified
2026-03-12T02:15:47.996561Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
openvswitch: use RCU protection in ovs_vport_cmd_fill_info()
Details

In the Linux kernel, the following vulnerability has been resolved:

openvswitch: use RCU protection in ovsvportcmdfillinfo()

ovsvportcmdfillinfo() can be called without RTNL or RCU.

Use RCU protection and devnetrcu() to avoid potential UAF.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21761.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9354d452034273a50a4fd703bea31e5d6b1fc20b
Fixed
e85a25d1a9985645e796039e843d1de581d2de1e
Fixed
a8816b3f1f151373fd30f1996f00480126c8bb11
Fixed
a884f57600e463f69d7b279c4598b865260b62a1
Fixed
7e01abc34e87abd091e619161a20f54ed4e3e2da
Fixed
8ec57509c36c8b9a23e50b7858dda0c520a2d074
Fixed
a849a10de5e04d798f7f286a2f1ca174719a617a
Fixed
5828937742af74666192835d657095d95c53dbd0
Fixed
90b2f49a502fa71090d9f4fe29a2f51fe5dff76d

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21761.json"