CVE-2025-21681— Linux kernel 安全漏洞
影响版本矩阵 14
| 厂商 | 产品 | 版本范围 | 状态 |
|---|---|---|---|
| Linux | Linux | 9b0dd09c1ceb35950d2884848099fccc9ec9a123< b5c73fc92f8d15c16e5dc87b5c17d2abf1e6d092 | affected |
284be5db6c8d06d247ed056cfc448c4f79bbb16c< 87fcf0d137c770e6040ebfdb0abd8e7dd481b504 | affected | ||
5efcb301523baacd98a47553d4996e924923114d< 930268823f6bccb697aa5d2047aeffd4a497308c | affected | ||
644b3051b06ba465bc7401bfae9b14963cbc8c1c< ea9e990356b7bee95440ba0e6e83cc4d701afaca | affected | ||
066b86787fa3d97b7aefb5ac0a99a22dad2d15f8< ea966b6698785fb9cd0fdb867acd91b222e4723f | affected | ||
066b86787fa3d97b7aefb5ac0a99a22dad2d15f8< 82f433e8dd0629e16681edf6039d094b5518d8ed | affected | ||
066b86787fa3d97b7aefb5ac0a99a22dad2d15f8< 47e55e4b410f7d552e43011baa5be1aab4093990 | affected | ||
56252da41426f3d01957456f13caf46ce670ea29 | affected | ||
| … +6 条更多 | |||
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2025-21681 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
openvswitch: fix lockup on tx to unregistering netdev with carrier
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to unregistering netdev with carrier Commit in a fixes tag attempted to fix the issue in the following sequence of calls: do_output -> ovs_vport_send -> dev_queue_xmit -> __dev_queue_xmit -> netdev_core_pick_tx -> skb_tx_hash When device is unregistering, the 'dev->real_num_tx_queues' goes to zero and the 'while (unlikely(hash >= qcount))' loop inside the 'skb_tx_hash' becomes infinite, locking up the core forever. But unfortunately, checking just the carrier status is not enough to fix the issue, because some devices may still be in unregistering state while reporting carrier status OK. One example of such device is a net/dummy. It sets carrier ON on start, but it doesn't implement .ndo_stop to set the carrier off. And it makes sense, because dummy doesn't really have a carrier. Therefore, while this device is unregistering, it's still easy to hit the infinite loop in the skb_tx_hash() from the OVS datapath. There might be other drivers that do the same, but dummy by itself is important for the OVS ecosystem, because it is frequently used as a packet sink for tcpdump while debugging OVS deployments. And when the issue is hit, the only way to recover is to reboot. Fix that by also checking if the device is running. The running state is handled by the net core during unregistering, so it covers unregistering case better, and we don't really need to send packets to devices that are not running anyway. While only checking the running state might be enough, the carrier check is preserved. The running and the carrier states seem disjoined throughout the code and different drivers. And other core functions like __dev_direct_xmit() check both before attempting to transmit a packet. So, it seems safer to check both flags in OVS as well.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于ovs_vport_send函数在设备注销时未正确检查设备是否处于运行状态,导致在尝试发送数据时可能陷入无限循环,锁定核心。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
二、漏洞 CVE-2025-21681 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2025-21681 的情报信息
请登录查看更多情报信息。
补丁 · 3
同批安全公告 · Linux · 2025-01-31 · 共 20 条
| CVE-2025-21673 | Linux kernel 资源管理错误漏洞 | |
| CVE-2024-57948 | Linux kernel 安全漏洞 | |
| CVE-2025-21665 | Linux kernel 安全漏洞 | |
| CVE-2025-21666 | Linux kernel 代码问题漏洞 | |
| CVE-2025-21667 | Linux kernel 安全漏洞 | |
| CVE-2025-21668 | Linux kernel 安全漏洞 | |
| CVE-2025-21669 | Linux kernel 代码问题漏洞 | |
| CVE-2025-21670 | Linux kernel 代码问题漏洞 | |
| CVE-2025-21671 | Linux kernel 资源管理错误漏洞 | |
| CVE-2025-21672 | Linux kernel 安全漏洞 | |
| CVE-2025-21683 | Linux kernel 安全漏洞 | |
| CVE-2025-21674 | Linux kernel 安全漏洞 | |
| CVE-2025-21675 | Linux kernel 代码问题漏洞 | |
| CVE-2025-21676 | Linux kernel 代码问题漏洞 | |
| CVE-2025-21677 | Linux kernel 安全漏洞 | |
| CVE-2025-21679 | Linux kernel 安全漏洞 | |
| CVE-2025-21678 | Linux kernel 安全漏洞 | |
| CVE-2025-21680 | Linux kernel 输入验证错误漏洞 | |
| CVE-2025-21682 | Linux kernel 代码问题漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2025-21681
暂无评论