Login Sign Up

CVE-2025-21816

5.5 MEDIUM
Denial of Service

📋 TL;DR

A Linux kernel vulnerability in the hrtimers subsystem allows timers to be queued on offline CPUs during CPU hotplug operations, potentially causing system instability or denial of service. This affects systems performing CPU hotplug operations, particularly in virtualized environments or servers with dynamic CPU management.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but fix commits target stable kernel branches.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires CPU hotplug operations to be triggered. More likely in virtualized environments, containers, or systems with dynamic CPU scaling.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System crash or hang during CPU hotplug operations, potentially requiring physical intervention to recover.

🟠

Likely Case

System instability or performance degradation during CPU hotplug events, with warnings in kernel logs.

🟢

If Mitigated

Minor performance impact during CPU hotplug with proper kernel patching.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger CPU hotplug operations.
🏢 Internal Only: MEDIUM - Could affect virtualized environments, containers, or systems with dynamic CPU management.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires ability to trigger CPU hotplug operations, typically requiring privileged access or specific system configurations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 2aecec58e9040ce3d2694707889f9914a2374955, 53dac345395c0d2493cbc2f4c85fe38aef5b63f5, 63815bef47ec25f5a125019ca480882481ee1553, 82ac6adbbb2aad14548a71d5e2e37f4964a15e38, e456a88bddae4030ba962447bb84be6669f2a0c1

Vendor Advisory: https://git.kernel.org/stable/c/2aecec58e9040ce3d2694707889f9914a2374955

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor. 2. Reboot system to load new kernel. 3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable CPU hotplug

linux

Prevent CPU hotplug operations that trigger the vulnerability

echo 0 > /sys/devices/system/cpu/cpuX/online (for specific CPUs)
Set kernel boot parameter: maxcpus=1 (limits to single CPU)

🧯 If You Can't Patch

  • Avoid CPU hotplug operations in production environments
  • Monitor system logs for hrtimer warnings during CPU state changes

🔍 How to Verify

Check if Vulnerable:

Check kernel version against patched releases from your distribution vendor. Look for kernel warnings about hrtimers during CPU hotplug in dmesg.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits. Test CPU hotplug operations and monitor for hrtimer warnings.

📡 Detection & Monitoring

Log Indicators:

  • WARNING: CPU: X PID: Y at kernel/time/hrtimer.c:1086 hrtimer_start_range_ns
  • CPU hotplug related errors in kernel logs
  • RCU stall warnings during CPU offline operations

Network Indicators:

  • None - local kernel vulnerability

SIEM Query:

source="kernel" AND "hrtimer" AND ("WARNING" OR "CPU" AND "dying")

📊 Metadata

CVE ID: CVE-2025-21816
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.05% exploit probability (15.8th percentile)
Published: February 27, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON