| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025040348-CVE-2025-21998-b57d@gregkh> Date: Thu, 3 Apr 2025 08:17:50 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2025-21998: firmware: qcom: uefisecapp: fix efivars registration race Description =========== In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer dereference in case of a racing EFI variable access. Make sure that all resources have been set up before registering the efivars. The Linux kernel CVE team has assigned CVE-2025-21998 to this issue. Affected and fixed versions =========================== Issue introduced in 6.11 with commit 6612103ec35af6058bb85ab24dae28e119b3c055 and fixed in 6.12.21 with commit c4e37b381a7a243c298a4858fc0a5a74e737c79a Issue introduced in 6.11 with commit 6612103ec35af6058bb85ab24dae28e119b3c055 and fixed in 6.13.9 with commit f15a2b96a0e41c426c63a932d0e63cde7b9784aa Issue introduced in 6.11 with commit 6612103ec35af6058bb85ab24dae28e119b3c055 and fixed in 6.14 with commit da8d493a80993972c427002684d0742560f3be4a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-21998 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/firmware/qcom/qcom_qseecom_uefisecapp.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/c4e37b381a7a243c298a4858fc0a5a74e737c79a https://git.kernel.org/stable/c/f15a2b96a0e41c426c63a932d0e63cde7b9784aa https://git.kernel.org/stable/c/da8d493a80993972c427002684d0742560f3be4a
Powered by blists - more mailing lists