CVE-2025-21849 (GCVE-0-2025-21849)

Vulnerability from cvelistv5 – Published: 2025-03-12 09:42 – Updated: 2025-10-01 19:26
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Use spin_lock_irqsave() in interruptible context spin_lock/unlock() functions used in interrupt contexts could result in a deadlock, as seen in GitLab issue #13399, which occurs when interrupt comes in while holding a lock. Try to remedy the problem by saving irq state before spin lock acquisition. v2: add irqs' state save/restore calls to all locks/unlocks in signal_irq_work() execution (Maciej) v3: use with spin_lock_irqsave() in guc_lrc_desc_unpin() instead of other lock/unlock calls and add Fixes and Cc tags (Tvrtko); change title and commit message (cherry picked from commit c088387ddd6482b40f21ccf23db1125e8fa4af7e)
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 2f2cc53b5fe7022f3ae602eb24573d52f8740959 , < 2bf1f4c129db7a10920655b000f0292f1ee509c2 (git)
Affected: 2f2cc53b5fe7022f3ae602eb24573d52f8740959 , < 47ae46ac5407646420e06b78e0dad331e56a4bb4 (git)
Affected: 2f2cc53b5fe7022f3ae602eb24573d52f8740959 , < e49477f7f78598295551d486ecc7f020d796432e (git)
Create a notification for this product.
    Linux Linux Affected: 6.9
Unaffected: 0 , < 6.9 (semver)
Unaffected: 6.12.17 , ≤ 6.12.* (semver)
Unaffected: 6.13.5 , ≤ 6.13.* (semver)
Unaffected: 6.14 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-21849",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T19:26:20.912921Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-667",
                "description": "CWE-667 Improper Locking",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T19:26:39.006Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2bf1f4c129db7a10920655b000f0292f1ee509c2",
              "status": "affected",
              "version": "2f2cc53b5fe7022f3ae602eb24573d52f8740959",
              "versionType": "git"
            },
            {
              "lessThan": "47ae46ac5407646420e06b78e0dad331e56a4bb4",
              "status": "affected",
              "version": "2f2cc53b5fe7022f3ae602eb24573d52f8740959",
              "versionType": "git"
            },
            {
              "lessThan": "e49477f7f78598295551d486ecc7f020d796432e",
              "status": "affected",
              "version": "2f2cc53b5fe7022f3ae602eb24573d52f8740959",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.9"
            },
            {
              "lessThan": "6.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.17",
                  "versionStartIncluding": "6.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.5",
                  "versionStartIncluding": "6.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "6.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Use spin_lock_irqsave() in interruptible context\n\nspin_lock/unlock() functions used in interrupt contexts could\nresult in a deadlock, as seen in GitLab issue #13399,\nwhich occurs when interrupt comes in while holding a lock.\n\nTry to remedy the problem by saving irq state before spin lock\nacquisition.\n\nv2: add irqs\u0027 state save/restore calls to all locks/unlocks in\n signal_irq_work() execution (Maciej)\n\nv3: use with spin_lock_irqsave() in guc_lrc_desc_unpin() instead\n of other lock/unlock calls and add Fixes and Cc tags (Tvrtko);\n change title and commit message\n\n(cherry picked from commit c088387ddd6482b40f21ccf23db1125e8fa4af7e)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:22:30.523Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2bf1f4c129db7a10920655b000f0292f1ee509c2"
        },
        {
          "url": "https://git.kernel.org/stable/c/47ae46ac5407646420e06b78e0dad331e56a4bb4"
        },
        {
          "url": "https://git.kernel.org/stable/c/e49477f7f78598295551d486ecc7f020d796432e"
        }
      ],
      "title": "drm/i915/gt: Use spin_lock_irqsave() in interruptible context",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21849",
    "datePublished": "2025-03-12T09:42:04.946Z",
    "dateReserved": "2024-12-29T08:45:45.779Z",
    "dateUpdated": "2025-10-01T19:26:39.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21849\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-03-12T10:15:17.367\",\"lastModified\":\"2025-10-01T20:18:28.797\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/i915/gt: Use spin_lock_irqsave() in interruptible context\\n\\nspin_lock/unlock() functions used in interrupt contexts could\\nresult in a deadlock, as seen in GitLab issue #13399,\\nwhich occurs when interrupt comes in while holding a lock.\\n\\nTry to remedy the problem by saving irq state before spin lock\\nacquisition.\\n\\nv2: add irqs\u0027 state save/restore calls to all locks/unlocks in\\n signal_irq_work() execution (Maciej)\\n\\nv3: use with spin_lock_irqsave() in guc_lrc_desc_unpin() instead\\n of other lock/unlock calls and add Fixes and Cc tags (Tvrtko);\\n change title and commit message\\n\\n(cherry picked from commit c088387ddd6482b40f21ccf23db1125e8fa4af7e)\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/i915/gt: El uso de spin_lock_irqsave() en un contexto interrumpible. Las funciones spin_lock/unlock() utilizadas en contextos de interrupci\u00f3n podr\u00edan provocar un interbloqueo, como se observ\u00f3 en el problema n.\u00b0 13399 de GitLab, que ocurre cuando la interrupci\u00f3n entra mientras se mantiene un bloqueo. Intente solucionar el problema guardando el estado de las irq antes de adquirir el bloqueo de giro. v2: a\u00f1adir llamadas de guardado/restauraci\u00f3n de estado de las irq a todos los bloqueos/desbloqueos en la ejecuci\u00f3n de signal_irq_work() (Maciej). v3: usar con spin_lock_irqsave() en guc_lrc_desc_unpin() en lugar de otras llamadas de bloqueo/desbloqueo y a\u00f1adir las etiquetas \\\"Fixes\\\" y \\\"Cc\\\" (Tvrtko); cambiar el t\u00edtulo y el mensaje de confirmaci\u00f3n (seleccionado del commit c088387ddd6482b40f21ccf23db1125e8fa4af7e).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.9\",\"versionEndExcluding\":\"6.12.17\",\"matchCriteriaId\":\"3E513C8F-C336-4B36-A14B-ABDBD0C33C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.5\",\"matchCriteriaId\":\"72E69ABB-9015-43A6-87E1-5150383CFFD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"186716B6-2B66-4BD0-852E-D48E71C0C85F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D3E781C-403A-498F-9DA9-ECEE50F41E75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"66619FB8-0AAF-4166-B2CF-67B24143261D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2bf1f4c129db7a10920655b000f0292f1ee509c2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/47ae46ac5407646420e06b78e0dad331e56a4bb4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e49477f7f78598295551d486ecc7f020d796432e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-21849\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T19:26:20.912921Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-667\", \"description\": \"CWE-667 Improper Locking\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-01T16:58:12.864Z\"}}], \"cna\": {\"title\": \"drm/i915/gt: Use spin_lock_irqsave() in interruptible context\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"2f2cc53b5fe7022f3ae602eb24573d52f8740959\", \"lessThan\": \"2bf1f4c129db7a10920655b000f0292f1ee509c2\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2f2cc53b5fe7022f3ae602eb24573d52f8740959\", \"lessThan\": \"47ae46ac5407646420e06b78e0dad331e56a4bb4\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2f2cc53b5fe7022f3ae602eb24573d52f8740959\", \"lessThan\": \"e49477f7f78598295551d486ecc7f020d796432e\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.9\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.12.17\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.13.*\"}, {\"status\": \"unaffected\", \"version\": \"6.14\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/2bf1f4c129db7a10920655b000f0292f1ee509c2\"}, {\"url\": \"https://git.kernel.org/stable/c/47ae46ac5407646420e06b78e0dad331e56a4bb4\"}, {\"url\": \"https://git.kernel.org/stable/c/e49477f7f78598295551d486ecc7f020d796432e\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/i915/gt: Use spin_lock_irqsave() in interruptible context\\n\\nspin_lock/unlock() functions used in interrupt contexts could\\nresult in a deadlock, as seen in GitLab issue #13399,\\nwhich occurs when interrupt comes in while holding a lock.\\n\\nTry to remedy the problem by saving irq state before spin lock\\nacquisition.\\n\\nv2: add irqs\u0027 state save/restore calls to all locks/unlocks in\\n signal_irq_work() execution (Maciej)\\n\\nv3: use with spin_lock_irqsave() in guc_lrc_desc_unpin() instead\\n of other lock/unlock calls and add Fixes and Cc tags (Tvrtko);\\n change title and commit message\\n\\n(cherry picked from commit c088387ddd6482b40f21ccf23db1125e8fa4af7e)\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.17\", \"versionStartIncluding\": \"6.9\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.13.5\", \"versionStartIncluding\": \"6.9\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.14\", \"versionStartIncluding\": \"6.9\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:22:30.523Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-21849\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-01T19:26:39.006Z\", \"dateReserved\": \"2024-12-29T08:45:45.779Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-03-12T09:42:04.946Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.