{"vulnerability": "CVE-2025-2189", "sightings": [{"uuid": "bb849994-b44d-44a8-9c7c-609b31b26cb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21893", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114259091334934490", "content": "", "creation_timestamp": "2025-03-31T21:09:33.612289Z"}, {"uuid": "80d73c72-3618-441a-bf3b-78d8be5d4265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21893", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114259091334934490", "content": "", "creation_timestamp": "2025-03-31T21:09:33.631217Z"}, {"uuid": "3173566b-2109-42b4-9703-3b946770642a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lkkqi243mtk2", "content": "", "creation_timestamp": "2025-03-17T08:31:09.468576Z"}, {"uuid": "cfcf8930-9b37-4be4-bd7a-28cedf8e7ff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lkedbvcerkf2", "content": "", "creation_timestamp": "2025-03-14T19:19:46.175731Z"}, {"uuid": "12760b77-6992-49f9-8721-a2a2efb1225a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lk7aq3knvvb2", "content": "", "creation_timestamp": "2025-03-12T18:55:45.333402Z"}, {"uuid": "9a1a8391-8d7e-41c8-8eb8-d6a0a0f99409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lkkwsnmgpf52", "content": "", "creation_timestamp": "2025-03-17T10:26:20.072515Z"}, {"uuid": "b03876cd-1a1b-4001-9fba-4847de77583c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21893", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lmdnknr2sc2h", "content": "", "creation_timestamp": "2025-04-08T23:40:40.536095Z"}, {"uuid": "596f31af-d8ec-4515-9ffd-37175bf2ad33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk4af5hvhd2n", "content": "", "creation_timestamp": "2025-03-11T14:05:53.702269Z"}, {"uuid": "656be1fc-add6-4938-ae10-62bad265c7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lk6ltmpol2t2", "content": "", "creation_timestamp": "2025-03-12T12:38:14.299663Z"}, {"uuid": "8e7bda28-1e52-4bb5-906f-0a6aee91c47a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21895", "type": "seen", "source": "https://gist.github.com/Darkcrai86/bff19b21f229556d276a1ee6e52b74d5", "content": "", "creation_timestamp": "2025-09-24T11:16:15.000000Z"}, {"uuid": "ee2a045d-2415-45c4-b9f6-d9425bc1fb6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:35.000000Z"}, {"uuid": "f8a611be-4133-40e9-806e-1a35813fada3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21891", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "75e724d5-b85e-4b60-a6d2-ca2774bd1a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21894", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "758fc520-be3d-4c16-9034-a4883becb170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21899", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "852cd3ef-a6a8-40e6-90f4-c88e3b060800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7137", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2189\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N)\n\ud83d\udd39 Description: This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext credentials stored on the vulnerable device.\n\ud83d\udccf Published: 2025-03-11T11:40:20.173Z\n\ud83d\udccf Modified: 2025-03-11T13:15:46.249Z\n\ud83d\udd17 References:\n1. https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0043", "creation_timestamp": "2025-03-11T13:39:53.000000Z"}, {"uuid": "80e96762-2098-495c-a96c-4aafb5f5cf6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21894", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "081a2491-cf78-4e84-af02-5ed3d5a26af4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21891", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "4cd4978e-e015-4ea0-8552-761a16107833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21899", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "244eeb1b-4304-4093-acc1-0041f943bbd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://t.me/cvedetector/20084", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2189 - Tinxy Smart Devices PlainText Credentials Disclosure\", \n \"Content\": \"CVE ID : CVE-2025-2189 \nPublished : March 11, 2025, 12:15 p.m. | 1\u00a0hour, 58\u00a0minutes ago \nDescription : This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext credentials stored on the vulnerable device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T15:57:16.000000Z"}, {"uuid": "28a97d4b-fff9-4ebc-b828-afc2423282d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21893", "type": "seen", "source": "https://t.me/cvedetector/21651", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-21893 - Linux Kernel Keyring Use After Free (UAF) Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-21893 \nPublished : March 31, 2025, 8:15 p.m. | 51\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nkeys: Fix UAF in key_put() \n \nOnce a key's reference count has been reduced to 0, the garbage collector \nthread may destroy it at any time and so key_put() is not allowed to touch \nthe key after that point. The most key_put() is normally allowed to do is \nto touch key_gc_work as that's a static global variable. \n \nHowever, in an effort to speed up the reclamation of quota, this is now \ndone in key_put() once the key's usage is reduced to 0 - but now the code \nis looking at the key after the deadline, which is forbidden. \n \nFix this by using a flag to indicate that a key can be gc'd now rather than \nlooking at the key's refcount in the garbage collector. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:23:54.000000Z"}, {"uuid": "0a0536a4-a26a-4a62-b888-c0eedc8722b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21893", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9762", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21893\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix UAF in key_put()\n\nOnce a key's reference count has been reduced to 0, the garbage collector\nthread may destroy it at any time and so key_put() is not allowed to touch\nthe key after that point. The most key_put() is normally allowed to do is\nto touch key_gc_work as that's a static global variable.\n\nHowever, in an effort to speed up the reclamation of quota, this is now\ndone in key_put() once the key's usage is reduced to 0 - but now the code\nis looking at the key after the deadline, which is forbidden.\n\nFix this by using a flag to indicate that a key can be gc'd now rather than\nlooking at the key's refcount in the garbage collector.\n\ud83d\udccf Published: 2025-03-31T19:41:46.137Z\n\ud83d\udccf Modified: 2025-03-31T19:41:46.137Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/6afe2ea2daec156bd94ad2c5a6f4f4c48240dcd3\n2. https://git.kernel.org/stable/c/f6a3cf833188e897c97028cd7b926e3f2cb1a8c0\n3. https://git.kernel.org/stable/c/75845c6c1a64483e9985302793dbf0dfa5f71e32", "creation_timestamp": "2025-03-31T20:31:08.000000Z"}, {"uuid": "7a74dedb-c3cd-45b5-a8b7-d313eaa5ece0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21895", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9925", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21895\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc->pmu != next_epc->pmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out &\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]\n\ud83d\udccf Published: 2025-04-01T15:26:48.607Z\n\ud83d\udccf Modified: 2025-04-01T15:26:48.607Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/f0c3971405cef6892844016aa710121a02da3a23\n2. https://git.kernel.org/stable/c/7d582eb6e4e100959ba07083d7563453c8c2a343\n3. https://git.kernel.org/stable/c/3e812a70732d84b7873cea61a7f6349b9a9dcbf5\n4. https://git.kernel.org/stable/c/2016066c66192a99d9e0ebf433789c490a6785a2", "creation_timestamp": "2025-04-01T15:32:45.000000Z"}, {"uuid": "fdc242e4-3a2a-427d-a939-b3feea67bfec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21896", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9924", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21896\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: revert back to __readahead_folio() for readahead\n\nIn commit 3eab9d7bc2f4 (\"fuse: convert readahead to use folios\"), the\nlogic was converted to using the new folio readahead code, which drops\nthe reference on the folio once it is locked, using an inferred\nreference on the folio. Previously we held a reference on the folio for\nthe entire duration of the readpages call.\n\nThis is fine, however for the case for splice pipe responses where we\nwill remove the old folio and splice in the new folio (see\nfuse_try_move_page()), we assume that there is a reference held on the\nfolio for ap->folios, which is no longer the case.\n\nTo fix this, revert back to __readahead_folio() which allows us to hold\nthe reference on the folio for the duration of readpages until either we\ndrop the reference ourselves in fuse_readpages_end() or the reference is\ndropped after it's replaced in the page cache in the splice case.\nThis will fix the UAF bug that was reported.\n\ud83d\udccf Published: 2025-04-01T15:26:49.200Z\n\ud83d\udccf Modified: 2025-04-01T15:26:49.200Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/60db11f1b7fba4a66b117ea998d965818784a98d\n2. https://git.kernel.org/stable/c/0c67c37e1710b2a8f61c8a02db95a51fe577e2c1", "creation_timestamp": "2025-04-01T15:32:41.000000Z"}, {"uuid": "0f147246-7a3c-4ecc-b349-c03dcd877bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21897", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9923", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21897\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nsched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without balance()\n\na6250aa251ea (\"sched_ext: Handle cases where pick_task_scx() is called\nwithout preceding balance_scx()\") added a workaround to handle the cases\nwhere pick_task_scx() is called without prececing balance_scx() which is due\nto a fair class bug where pick_taks_fair() may return NULL after a true\nreturn from balance_fair().\n\nThe workaround detects when pick_task_scx() is called without preceding\nbalance_scx() and emulates SCX_RQ_BAL_KEEP and triggers kicking to avoid\nstalling. Unfortunately, the workaround code was testing whether @prev was\non SCX to decide whether to keep the task running. This is incorrect as the\ntask may be on SCX but no longer runnable.\n\nThis could lead to a non-runnable task to be returned from pick_task_scx()\nwhich cause interesting confusions and failures. e.g. A common failure mode\nis the task ending up with (!on_rq && on_cpu) state which can cause\npotential wakers to busy loop, which can easily lead to deadlocks.\n\nFix it by testing whether @prev has SCX_TASK_QUEUED set. This makes\n@prev_on_scx only used in one place. Open code the usage and improve the\ncomment while at it.\n\ud83d\udccf Published: 2025-04-01T15:26:49.705Z\n\ud83d\udccf Modified: 2025-04-01T15:26:49.705Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/5324c459f90d16b0c43a78b494c598915d782b7a\n2. https://git.kernel.org/stable/c/de60a31cb0bcacfaf9487546eac5e70e0a9c66d7\n3. https://git.kernel.org/stable/c/8fef0a3b17bb258130a4fcbcb5addf94b25e9ec5", "creation_timestamp": "2025-04-01T15:32:40.000000Z"}, {"uuid": "052baa68-7eb5-4543-97e9-8fc921dddb16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21898", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9922", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21898\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don't care about rec->counter * rec->counter overflow because\nrec->time * rec->time overflow will likely happen earlier.\n\ud83d\udccf Published: 2025-04-01T15:26:50.211Z\n\ud83d\udccf Modified: 2025-04-01T15:26:50.211Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/5b3d32f607f0478b414b16516cf27f9170cf66c8\n2. https://git.kernel.org/stable/c/ca381f60a3bb7cfaa618d73ca411610bd7fc3149\n3. https://git.kernel.org/stable/c/3d738b53ed6cddb68e68c9874520a4bf846163b5\n4. https://git.kernel.org/stable/c/992775227843c9376773784b8b362add44592ad7\n5. https://git.kernel.org/stable/c/f58a3f8e284d0bdf94164a8e61cd4e70d337a1a3\n6. https://git.kernel.org/stable/c/746cc474a95473591853927b3a9792a2d671155b\n7. https://git.kernel.org/stable/c/9cdac46fa7e854e587eb5f393fe491b6d7a9bdf6\n8. https://git.kernel.org/stable/c/a1a7eb89ca0b89dc1c326eeee2596f263291aca3", "creation_timestamp": "2025-04-01T15:32:39.000000Z"}, {"uuid": "ec01915e-4f53-4914-857a-975a4b87f986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21894", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9926", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21894\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC\n\nActually ENETC VFs do not support HWTSTAMP_TX_ONESTEP_SYNC because only\nENETC PF can access PMa_SINGLE_STEP registers. And there will be a crash\nif VFs are used to test one-step timestamp, the crash log as follows.\n\n[ 129.110909] Unable to handle kernel paging request at virtual address 00000000000080c0\n[ 129.287769] Call trace:\n[ 129.290219] enetc_port_mac_wr+0x30/0xec (P)\n[ 129.294504] enetc_start_xmit+0xda4/0xe74\n[ 129.298525] enetc_xmit+0x70/0xec\n[ 129.301848] dev_hard_start_xmit+0x98/0x118\n\ud83d\udccf Published: 2025-04-01T15:26:47.980Z\n\ud83d\udccf Modified: 2025-04-01T15:26:47.980Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/1748531839298ab7be682155f6cd98ae04773e6a\n2. https://git.kernel.org/stable/c/3d9634211121700568d0e3635ebdd5df06d20440\n3. https://git.kernel.org/stable/c/8c393efd7420cc994864d059fcc6219bfd7cb840\n4. https://git.kernel.org/stable/c/a562d0c4a893eae3ea51d512c4d90ab858a6b7ec", "creation_timestamp": "2025-04-01T15:32:46.000000Z"}]}