CVE-2025-21851

bpf: Fix softlockup in arena_map_free on 64k page kernel

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y, arena_htab tests cause a segmentation fault and soft lockup. The same failure is not observed with 4k pages on aarch64. It turns out arena_map_free() is calling apply_to_existing_page_range() with the address returned by bpf_arena_get_kern_vm_start(). If this address is not page-aligned the code ends up calling apply_to_pte_range() with that unaligned address causing soft lockup. Fix it by round up GUARD_SZ to PAGE_SIZE << 1 so that the division by 2 in bpf_arena_get_kern_vm_start() returns a page-aligned value.

Category

3.3
CVSS
Severity: Low
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/c1f3f3892d4526f18aaeffdb6068ce861e793ee3 patch
https://git.kernel.org/stable/c/787d556a3de447e70964a4bdeba9196f62a62b1e patch
https://git.kernel.org/stable/c/517e8a7835e8cfb398a0aeb0133de50e31cae32b patch

Frequently Asked Questions

What is the severity of CVE-2025-21851?
CVE-2025-21851 has been scored as a low severity vulnerability.
How to fix CVE-2025-21851?
To fix CVE-2025-21851, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-21851 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-21851 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-21851?
CVE-2025-21851 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.