CVE-2025-21820
- Source
- https://cve.org/CVERecord?id=CVE-2025-21820
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21820.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-21820
- Downstream
- Related
- Published
- 2025-02-27T20:04:17.930Z
- Modified
- 2026-03-20T12:41:11.596501Z
- Summary
- tty: xilinx_uartps: split sysrq handling
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
tty: xilinx_uartps: split sysrq handling
lockdep detects the following circular locking dependency:
CPU 0 CPU 1 ========================== ============================ cdnsuartisr() printk() uartportlock(port) consolelock() cdnsuartconsolewrite() if (!port->sysrq) uartportlock(port) uarthandlebreak() port->sysrq = ... uarthandlesysrqchar() printk() consolelock()
The fixed commit attempts to avoid this situation by only taking the port lock in cdnsuartconsolewrite if port->sysrq unset. However, if (as shown above) cdnsuartconsolewrite runs before port->sysrq is set, then it will try to take the port lock anyway. This may result in a deadlock.
Fix this by splitting sysrq handling into two parts. We use the prepare helper under the port lock and defer handling until we release the lock.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21820.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/4410dba9807a17a93f649a9f5870ceaf30a675a3
- https://git.kernel.org/stable/c/8ea0e7b3d7b8f2f0fc9db491ff22a0abe120801c
- https://git.kernel.org/stable/c/9b88a7c4584ba67267a051069b8abe44fc9595b2
- https://git.kernel.org/stable/c/b06f388994500297bb91be60ffaf6825ecfd2afe
- https://git.kernel.org/stable/c/de5bd24197bd9ee37ec1e379a3d882bbd15c5065
- https://git.kernel.org/stable/c/e22a97700901ba5e8bf8db68056a0d50f9440cae
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21820.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-21820
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced74ea66d4ca061a3cd4c0e924e51b60e924644852Fixede22a97700901ba5e8bf8db68056a0d50f9440caeFixedde5bd24197bd9ee37ec1e379a3d882bbd15c5065Fixed8ea0e7b3d7b8f2f0fc9db491ff22a0abe120801cFixed9b88a7c4584ba67267a051069b8abe44fc9595b2Fixed4410dba9807a17a93f649a9f5870ceaf30a675a3Fixedb06f388994500297bb91be60ffaf6825ecfd2afe