CVE Vulnerability Details: CVE-2025-21671
Status: PUBLISHED
Assigner: Linux
Assigner Org ID: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At: 31 Jan, 2025 | 11:25
Updated At: 11 May, 2026 | 21:04
CVE Numbering Authority (CNA)
zram: fix potential UAF of zram table

In the Linux kernel, the following vulnerability has been resolved:

zram: fix potential UAF of zram table

If zram_meta_alloc failed early, it frees the allocated zram->table without setting it to NULL, which will potentially cause zram_meta_free to access the table if the user resets a failed and uninitialized device.

Affected Products
Vendor: Linux Kernel Organization, Inc (Linux)
Product: Linux
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files:
  • drivers/block/zram/zram_drv.c
Default Status: unaffected
Affected Versions (git):
  • From ac3b5366b9b7c9d97b606532ceab43d2329a22f3 before fe3de867f94819ba0f28e035c0b0182150147d95 (git)
  • From 0b5b0b65561b34e6e360de317e4bcd031bfabf42 before 571d3f6045cd3a6d9f6aec33b678f3ffe97582ef (git)
  • From 6fb92e9a52e3feae309a213950f21dfcd1eb0b40 before 902ef8f16d5ca77edc77c30656be54186c1e99b7 (git)
  • From 74363ec674cb172d8856de25776c8f3103f05e2f before 212fe1c0df4a150fb6298db2cfff267ceaba5402 (git)
Affected Versions (semver):
  • From 6.1.122 before 6.1.127 (semver)
  • From 6.6.68 before 6.6.74 (semver)
  • From 6.12.7 before 6.12.11 (semver)
References
  • https://git.kernel.org/stable/c/fe3de867f94819ba0f28e035c0b0182150147d95
  • https://git.kernel.org/stable/c/571d3f6045cd3a6d9f6aec33b678f3ffe97582ef
  • https://git.kernel.org/stable/c/902ef8f16d5ca77edc77c30656be54186c1e99b7
  • https://git.kernel.org/stable/c/212fe1c0df4a150fb6298db2cfff267ceaba5402
Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Problem Types
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2. CVE Program Container
References
  • https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html