CVE-2025-21931

5.5 MEDIUM

📋 TL;DR

A race condition vulnerability in the Linux kernel's memory hotplug subsystem where hardware-poisoned memory pages are not properly locked before unmapping during offline operations. This can cause kernel crashes (BUG/Oops) when attempting to offline memory blocks containing poisoned pages. Affects Linux systems with memory hotplug capability enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions containing commit b15c87263a69 up to the fix commits
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires CONFIG_MEMORY_FAILURE and CONFIG_MEMORY_HOTPLUG kernel options enabled, which are common in server and cloud environments.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or corruption if the crash occurs during critical operations.

🟠

Likely Case

System crash when attempting to offline memory blocks containing hardware-poisoned pages, resulting in denial of service requiring reboot.

🟢

If Mitigated

No impact if memory hotplug operations are not performed or if poisoned memory pages are not present.

🌐 Internet-Facing: LOW - This vulnerability requires local access and specific memory management operations.
🏢 Internal Only: MEDIUM - Local users with appropriate privileges could trigger the crash, but requires specific memory conditions and operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local access, ability to trigger memory hotplug operations, and presence of hardware-poisoned memory pages. More likely to be triggered accidentally than maliciously.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 3926b572fd073491bde13ec42ee08ac1b337bf4d, 576a2f4c437c19bec7d05d05b5990f178d2b0f40, 629dfc6ba5431056701d4e44830f3409b989955a, 93df6da64b004f75d307ed08d3f0f1020280d339, af288a426c3e3552b62595c6138ec6371a17dbba

Vendor Advisory: https://git.kernel.org/stable/c/3926b572fd073491bde13ec42ee08ac1b337bf4d

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. For distributions: use the package manager to update the kernel package.
3. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable memory hotplug

linux

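Prevent memory hotplug operations that could trigger the vulnerability. Offlining is itself the triggering operation, so do not offline a block that contains hardware-poisoned pages.

echo 0 > /sys/devices/system/memory/probe
echo offline > /sys/devices/system/memory/memoryX/state  # for existing blocks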

Disable memory failure handling

linux

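Prevent hardware-poisoned page detection. Note that setting memory_failure_recovery to 0 makes the kernel panic on a memory failure instead of attempting recovery.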

echo 0 > /proc/sys/vm/memory_failure_early_kill
echo 0 > /proc/sys/vm/memory_failure_recovery

🧯 If You Can't Patch

  • Avoid memory hotplug operations on systems with potential hardware memory issues
  • Monitor system logs for memory failure events and avoid offlining affected memory blocks

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if memory hotplug is enabled: cat /proc/cmdline | grep -i memory_hotplug && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits: uname -r and check with distribution vendor for specific patched versions
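
The check above can be extended to the two kernel options and the poisoned-page condition named on this page. The script below is an added example, not vendor or kernel project code; it assumes the kernel config is readable at /boot/config-$(uname -r) and that poisoned memory is reported on the HardwareCorrupted line of /proc/meminfo.

```shell
#!/bin/sh
# Added example: precondition check for CVE-2025-21931 on one host.
# File paths are parameters so the functions also work on saved copies.

# config_enabled CONFIG_FILE OPTION -> exit 0 if OPTION=y in the kernel config
config_enabled() {
    grep -q "^$2=y\$" "$1"
}

# poisoned_kb MEMINFO_FILE -> HardwareCorrupted value in kB (0 if the line is absent)
poisoned_kb() {
    awk '/^HardwareCorrupted:/ { v = $2 } END { print v + 0 }' "$1"
}

# exposure CONFIG_FILE MEMINFO_FILE -> prints one of
#   not-applicable          one of the two options is not built in
#   preconditions-partial   both options enabled, no poisoned pages recorded
#   preconditions-met       both options enabled and poisoned pages present
exposure() {
    if ! config_enabled "$1" CONFIG_MEMORY_FAILURE ||
       ! config_enabled "$1" CONFIG_MEMORY_HOTPLUG; then
        echo not-applicable
    elif [ "$(poisoned_kb "$2")" -gt 0 ]; then
        echo preconditions-met
    else
        echo preconditions-partial
    fi
}

# Live use; /boot/config-$(uname -r) is an assumed location for the kernel config.
cfg="/boot/config-$(uname -r)"
if [ -r "$cfg" ] && [ -r /proc/meminfo ]; then
    echo "CVE-2025-21931 preconditions: $(exposure "$cfg" /proc/meminfo)"
fi
```

The result describes the conditions for the crash only; whether the running kernel carries the fix commits still has to be confirmed with the distribution vendor.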

📡 Detection & Monitoring

Log Indicators:

  • Kernel BUG/Oops messages mentioning try_to_unmap_one or unmap_poisoned_folio
  • Memory failure events in dmesg or /var/log/kern.log

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("BUG" OR "Oops" OR "try_to_unmap_one" OR "unmap_poisoned_folio")
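
To act on the advice to avoid offlining affected memory blocks, the log indicators can be turned into a list of blocks to leave online. The script below is an added example, not part of the advisory; it assumes memory-failure events are logged as "Memory failure: 0x<pfn>: ..." and that memoryN is numbered by physical address divided by the block size, and its log lines are constructed samples.

```shell
#!/bin/sh
# Added example. sample_log prints constructed kernel log lines, not captured output.
sample_log() {
    cat <<'EOF'
[  100.000001] Memory failure: 0x140000: recovery action for dirty LRU page: Recovered
[  100.000002] Memory failure: 0x140001: already hardware poisoned
[  200.000001] Memory failure: 0x48000: recovery action for clean LRU page: Recovered
[  300.000001] RIP: 0010:try_to_unmap_one+0x16a/0x7a0
EOF
}

# poisoned_blocks BLOCK_SIZE_HEX [PAGE_SIZE] < log
# Prints the memoryN block holding each PFN reported by a memory-failure message.
# BLOCK_SIZE_HEX is the content of /sys/devices/system/memory/block_size_bytes
# (hexadecimal, no 0x prefix). PAGE_SIZE defaults to 4096 bytes.
poisoned_blocks() {
    bs=$((0x$1)); ps=${2:-4096}
    sed -n 's/.*Memory failure: \(0x[0-9a-fA-F]*\):.*/\1/p' | LC_ALL=C sort -u |
    while read -r pfn; do
        # physical address = pfn * page size; block index = address / block size
        echo "memory$(( $pfn * $ps / $bs ))"
    done | LC_ALL=C sort -u
}

# crash_hits < log -> number of lines naming the functions this page lists
crash_hits() {
    grep -cE 'try_to_unmap_one|unmap_poisoned_folio' || true
}

# Demo on the constructed sample with a 128 MiB block size (0x8000000).
echo "blocks holding poisoned pages (leave online):"
sample_log | poisoned_blocks 8000000
echo "crash indicator lines: $(sample_log | crash_hits)"
# Live use:
#   dmesg | poisoned_blocks "$(cat /sys/devices/system/memory/block_size_bytes)" "$(getconf PAGESIZE)"
```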
