DEBIAN-CVE-2025-21655
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-21655
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2025-21655.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2025-21655
- Upstream
- Published
- 2025-01-20T14:15:27Z
- Modified
- 2025-09-19T07:34:23.073353Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: iouring/eventfd: ensure ioeventfdsignal() defers another RCU period ioeventfddosignal() is invoked from an RCU callback, but when dropping the reference to the ioevfd, it calls ioeventfdfree() directly if the refcount drops to zero. This isn't correct, as any potential freeing of the ioevfd should be deferred another RCU grace period. Just call ioeventfdput() rather than open-code the dec-and-test and free, which will correctly defer it another RCU grace period.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.128-1
Affected versions
6.*
6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.1.112-1
6.1.115-1
6.1.119-1
6.1.123-1
6.1.124-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:11 / linux-6.1
Package
- Name
- linux-6.1
- Purl
- pkg:deb/debian/linux-6.1?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.128-1~deb11u1