CVE-2025-21933
📋 TL;DR
This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's ARM page table handling. When the kernel migrates memory pages during compaction, a NULL pointer passed to update_mmu_cache_range() causes a kernel panic, resulting in a system crash. This affects Linux systems running on the ARM architecture with specific kernel configurations.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Complete system crash and denial of service, requiring physical or remote reboot to restore functionality.
Likely Case
System instability and crashes during memory-intensive operations, particularly when memory compaction is triggered.
If Mitigated
Minor performance impact during memory management operations with proper kernel configuration.
🎯 Exploit Status
Exploitation requires ability to trigger memory compaction operations and specific kernel configuration. Likely requires local access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees via provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/91d011efe30aedde067ce6d218d521cf99b162e5
Restart Required: Yes
Instructions:
1. Identify your kernel version.
2. Apply patches from stable kernel tree.
3. Recompile kernel if using custom build.
4. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable memory compaction
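Prevent triggering of the vulnerable code path by disabling kernel memory compaction. The kernel's sysctl documentation describes vm.compact_memory as a trigger (writing 1 compacts all zones) rather than an on/off setting, so confirm on a test system that these commands have the intended effect before relying on them.
echo 0 > /proc/sys/vm/compact_memory
sysctl -w vm.compact_memory=0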
Disable CONFIG_SPLIT_PTE_PTLOCKS
Rebuild kernel without the vulnerable configuration option
Rebuild kernel with CONFIG_SPLIT_PTE_PTLOCKS=n
🧯 If You Can't Patch
- Monitor system logs for kernel panic messages related to update_mmu_cache_range
- Limit memory-intensive applications that could trigger memory compaction
🔍 How to Verify
Check if Vulnerable:
Check kernel configuration for CONFIG_SPLIT_PTE_PTLOCKS and verify kernel version against patched releases
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes the git commit hashes: 91d011efe30aedde067ce6d218d521cf99b162e5 or a564ccfe300fa6a065beda06ab7f3c140d6b4d63
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning 'update_mmu_cache_range'
- NULL pointer dereference errors at virtual address 00000030
- Call traces including remove_migration_pte and compact_zone
Network Indicators:
- Sudden loss of connectivity to system
- System becoming unresponsive
SIEM Query:
event_source="kernel" AND (message CONTAINS "update_mmu_cache_range" OR message CONTAINS "NULL pointer dereference" AND address="00000030")
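The log indicators above, combined into a per-report check, as an added example that is not part of the original advisory: it groups kernel log lines into oops reports and alerts only when the fault address 00000030 and update_mmu_cache_range appear in the same report, with higher confidence when remove_migration_pte and compact_zone are also in the trace. The sample log, the example_driver_read name, the offsets and the 80-line report cap are constructed assumptions.

```python
import re

# Indicators from the "Log Indicators" list; everything else here is an assumption.
FAULT_RE = re.compile(r"NULL pointer dereference at virtual address ([0-9a-fA-F]+)")
END_RE = re.compile(r"---\[ end trace")
FAULT_ADDR = 0x30
FAULT_FUNC = "update_mmu_cache_range"
PATH_FUNCS = ("remove_migration_pte", "compact_zone")
MAX_REPORT_LINES = 80  # assumed cap so a report missing its end marker still closes

# Constructed sample log (not captured from a real system).
SAMPLE_LOG = """\
[  812.104] Unable to handle kernel NULL pointer dereference at virtual address 00000008 when read
[  812.105] PC is at example_driver_read+0x24/0x90
[  812.106] ---[ end trace 0000000000000000 ]---
[ 1409.551] Unable to handle kernel NULL pointer dereference at virtual address 00000030 when read
[ 1409.552] PC is at update_mmu_cache_range+0x1e0/0x278
[ 1409.554]  update_mmu_cache_range from remove_migration_pte+0x29c/0x2ec
[ 1409.555]  migrate_pages from compact_zone+0x558/0x954
[ 1409.556] ---[ end trace 0000000000000000 ]---
""".splitlines()


def find_matches(lines):
    """Split a kernel log into oops reports and grade each against the indicators."""
    reports, current = [], None
    for line in lines:
        m = FAULT_RE.search(line)
        if m:  # a fault line opens a new report
            current = {"addr": int(m.group(1), 16), "lines": []}
            reports.append(current)
        if current is None:
            continue
        current["lines"].append(line)
        if END_RE.search(line) or len(current["lines"]) >= MAX_REPORT_LINES:
            current = None
    matches = []
    for report in reports:
        body = "\n".join(report["lines"])
        # Address and faulting function must share one report to count as a match.
        if report["addr"] != FAULT_ADDR or FAULT_FUNC not in body:
            continue
        on_migration_path = all(f in body for f in PATH_FUNCS)
        matches.append(("high" if on_migration_path else "medium", report["lines"][0]))
    return matches

if __name__ == "__main__":
    for confidence, first_line in find_matches(SAMPLE_LOG):
        print(confidence, first_line)
```

Feed it lines from the kernel log source you already collect; a "medium" result means the fault matched but the migration and compaction frames were not in the captured trace.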