CVE-2025-21761
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's Open vSwitch module. The ovs_vport_cmd_fill_info() function can be called without proper RCU protection, potentially allowing local attackers to cause memory corruption. Systems running vulnerable Linux kernel versions with Open vSwitch enabled are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to root, kernel panic leading to denial of service, or arbitrary code execution in kernel context.
Likely Case
Local denial of service through kernel panic or system crash.
If Mitigated
Minimal impact if proper access controls restrict local user privileges and Open vSwitch is not in use.
🎯 Exploit Status
Requires local access and knowledge of kernel exploitation techniques. No public exploit code is known at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check kernel commit hashes provided in references for specific patched versions
Vendor Advisory: https://git.kernel.org/stable/c/5828937742af74666192835d657095d95c53dbd0
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution vendor. 2. Reboot system to load new kernel. 3. Verify Open vSwitch module loads correctly after reboot.
🔧 Temporary Workarounds
Disable Open vSwitch module
LinuxUnload the Open vSwitch kernel module if not required
sudo rmmod openvswitch
Blacklist Open vSwitch module
LinuxPrevent Open vSwitch module from loading at boot
echo 'blacklist openvswitch' | sudo tee /etc/modprobe.d/blacklist-openvswitch.conf
🧯 If You Can't Patch
- Restrict local user access to systems running Open vSwitch
- Implement strict privilege separation and limit shell access to trusted users only
🔍 How to Verify
Check if Vulnerable:
Check if Open vSwitch module is loaded: lsmod | grep openvswitch. If loaded, check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to patched version and Open vSwitch module loads without errors.📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- System crash/panic logs
- Open vSwitch module loading errors
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
Search for kernel panic events or Open vSwitch related crashes in system logs🔗 References
- https://git.kernel.org/stable/c/5828937742af74666192835d657095d95c53dbd0
- https://git.kernel.org/stable/c/7e01abc34e87abd091e619161a20f54ed4e3e2da
- https://git.kernel.org/stable/c/8ec57509c36c8b9a23e50b7858dda0c520a2d074
- https://git.kernel.org/stable/c/90b2f49a502fa71090d9f4fe29a2f51fe5dff76d
- https://git.kernel.org/stable/c/a849a10de5e04d798f7f286a2f1ca174719a617a
- https://git.kernel.org/stable/c/a8816b3f1f151373fd30f1996f00480126c8bb11
- https://git.kernel.org/stable/c/a884f57600e463f69d7b279c4598b865260b62a1
- https://git.kernel.org/stable/c/e85a25d1a9985645e796039e843d1de581d2de1e
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
