CVE-2025-21908 (GCVE-0-2025-21908)

Vulnerability from cvelistv5 – Published: 2025-04-01 15:40 – Updated: 2025-10-01 19:26
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback Add PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so nfs_release_folio() can skip calling nfs_wb_folio() from kcompactd. Otherwise NFS can deadlock waiting for kcompactd enduced writeback which recurses back to NFS (which triggers writeback to NFSD via NFS loopback mount on the same host, NFSD blocks waiting for XFS's call to __filemap_get_folio): 6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds. {--- [58] "kcompactd0" [<0>] folio_wait_bit+0xe8/0x200 [<0>] folio_wait_writeback+0x2b/0x80 [<0>] nfs_wb_folio+0x80/0x1b0 [nfs] [<0>] nfs_release_folio+0x68/0x130 [nfs] [<0>] split_huge_page_to_list_to_order+0x362/0x840 [<0>] migrate_pages_batch+0x43d/0xb90 [<0>] migrate_pages_sync+0x9a/0x240 [<0>] migrate_pages+0x93c/0x9f0 [<0>] compact_zone+0x8e2/0x1030 [<0>] compact_node+0xdb/0x120 [<0>] kcompactd+0x121/0x2e0 [<0>] kthread+0xcf/0x100 [<0>] ret_from_fork+0x31/0x40 [<0>] ret_from_fork_asm+0x1a/0x30 ---} [akpm@linux-foundation.org: fix build]
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 96780ca55e3cbf4f150fd5a833a61492c9947b5b , < ab0727d6e2196682351c25c1dd112136f6991f11 (git)
Affected: 96780ca55e3cbf4f150fd5a833a61492c9947b5b , < 5ae31c54cff745832b9bd5b32e71f3d1b607cd1e (git)
Affected: 96780ca55e3cbf4f150fd5a833a61492c9947b5b , < 8253ff29edcb429a9a6c75710941c6a16a9a34b1 (git)
Affected: 96780ca55e3cbf4f150fd5a833a61492c9947b5b , < ce6d9c1c2b5cc785016faa11b48b6cd317eb367e (git)
Create a notification for this product.
    Linux Linux Affected: 6.3
Unaffected: 0 , < 6.3 (semver)
Unaffected: 6.6.83 , ≤ 6.6.* (semver)
Unaffected: 6.12.19 , ≤ 6.12.* (semver)
Unaffected: 6.13.7 , ≤ 6.13.* (semver)
Unaffected: 6.14 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-21908",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T19:24:19.635147Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-667",
                "description": "CWE-667 Improper Locking",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T19:26:34.548Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/file.c",
            "include/linux/compaction.h",
            "include/linux/sched.h",
            "mm/compaction.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ab0727d6e2196682351c25c1dd112136f6991f11",
              "status": "affected",
              "version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b",
              "versionType": "git"
            },
            {
              "lessThan": "5ae31c54cff745832b9bd5b32e71f3d1b607cd1e",
              "status": "affected",
              "version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b",
              "versionType": "git"
            },
            {
              "lessThan": "8253ff29edcb429a9a6c75710941c6a16a9a34b1",
              "status": "affected",
              "version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b",
              "versionType": "git"
            },
            {
              "lessThan": "ce6d9c1c2b5cc785016faa11b48b6cd317eb367e",
              "status": "affected",
              "version": "96780ca55e3cbf4f150fd5a833a61492c9947b5b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/file.c",
            "include/linux/compaction.h",
            "include/linux/sched.h",
            "mm/compaction.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.83",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.19",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.7",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\n[\u003c0\u003e] compact_node+0xdb/0x120\n[\u003c0\u003e] kcompactd+0x121/0x2e0\n[\u003c0\u003e] kthread+0xcf/0x100\n[\u003c0\u003e] ret_from_fork+0x31/0x40\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:24:04.110Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ab0727d6e2196682351c25c1dd112136f6991f11"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ae31c54cff745832b9bd5b32e71f3d1b607cd1e"
        },
        {
          "url": "https://git.kernel.org/stable/c/8253ff29edcb429a9a6c75710941c6a16a9a34b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce6d9c1c2b5cc785016faa11b48b6cd317eb367e"
        }
      ],
      "title": "NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21908",
    "datePublished": "2025-04-01T15:40:48.171Z",
    "dateReserved": "2024-12-29T08:45:45.786Z",
    "dateUpdated": "2025-10-01T19:26:34.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21908\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-04-01T16:15:21.323\",\"lastModified\":\"2025-10-01T20:18:32.740\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\\n\\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\\n\\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\\n__filemap_get_folio):\\n\\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\\n\\n{---\\n[58] \\\"kcompactd0\\\"\\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\\n[\u003c0\u003e] compact_node+0xdb/0x120\\n[\u003c0\u003e] kcompactd+0x121/0x2e0\\n[\u003c0\u003e] kthread+0xcf/0x100\\n[\u003c0\u003e] ret_from_fork+0x31/0x40\\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\\n---}\\n\\n[akpm@linux-foundation.org: fix build]\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFS: se corrige que nfs_release_folio() no se bloquee mediante la reescritura de kcompactd. Se a\u00f1ade el indicador PF_KCOMPACTD y el asistente current_is_kcompactd() para comprobarlo, de modo que nfs_release_folio() pueda omitir la llamada a nfs_wb_folio() desde kcompactd. De lo contrario, NFS puede bloquearse a la espera de la reescritura inducida por kcompactd, que recurre a NFS (lo que activa la reescritura en NFSD mediante el montaje de bucle invertido de NFS en el mismo host; NFSD se bloquea a la espera de la llamada de XFS a __filemap_get_folio): 6070.550357] INFORMACI\u00d3N: la tarea kcompactd0:58 ha estado bloqueada durante m\u00e1s de 4435 segundos. {--- [58] \\\"kcompactd0\\\" [\u0026lt;0\u0026gt;] folio_wait_bit+0xe8/0x200 [\u0026lt;0\u0026gt;] folio_wait_writeback+0x2b/0x80 [\u0026lt;0\u0026gt;] nfs_wb_folio+0x80/0x1b0 [nfs] [\u0026lt;0\u0026gt;] nfs_release_folio+0x68/0x130 [nfs] [\u0026lt;0\u0026gt;] split_huge_page_to_list_to_order+0x362/0x840 [\u0026lt;0\u0026gt;] migrate_pages_batch+0x43d/0xb90 [\u0026lt;0\u0026gt;] migrate_pages_sync+0x9a/0x240 [\u0026lt;0\u0026gt;] migrate_pages+0x93c/0x9f0 [\u0026lt;0\u0026gt;] compact_zone+0x8e2/0x1030 [\u0026lt;0\u0026gt;] compact_node+0xdb/0x120 [\u0026lt;0\u0026gt;] kcompactd+0x121/0x2e0 [\u0026lt;0\u0026gt;] kthread+0xcf/0x100 [\u0026lt;0\u0026gt;] ret_from_fork+0x31/0x40 [\u0026lt;0\u0026gt;] ret_from_fork_asm+0x1a/0x30 ---} [akpm@linux-foundation.org: correcci\u00f3n de compilaci\u00f3n]\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndExcluding\":\"6.6.83\",\"matchCriteriaId\":\"A03BD908-74B6-4371-B16D-FAEE17484A4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.19\",\"matchCriteriaId\":\"32865E5C-8AE1-4D3D-A64D-299039694A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.7\",\"matchCriteriaId\":\"842F5A44-3E71-4546-B4FD-43B0ACE3F32B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"186716B6-2B66-4BD0-852E-D48E71C0C85F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D3E781C-403A-498F-9DA9-ECEE50F41E75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"66619FB8-0AAF-4166-B2CF-67B24143261D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3D6550E-6679-4560-902D-AF52DCFE905B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"45B90F6B-BEC7-4D4E-883A-9DBADE021750\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/5ae31c54cff745832b9bd5b32e71f3d1b607cd1e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8253ff29edcb429a9a6c75710941c6a16a9a34b1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ab0727d6e2196682351c25c1dd112136f6991f11\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ce6d9c1c2b5cc785016faa11b48b6cd317eb367e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-21908\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T19:24:19.635147Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-667\", \"description\": \"CWE-667 Improper Locking\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-01T14:37:31.721Z\"}}], \"cna\": {\"title\": \"NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"96780ca55e3cbf4f150fd5a833a61492c9947b5b\", \"lessThan\": \"ab0727d6e2196682351c25c1dd112136f6991f11\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"96780ca55e3cbf4f150fd5a833a61492c9947b5b\", \"lessThan\": \"5ae31c54cff745832b9bd5b32e71f3d1b607cd1e\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"96780ca55e3cbf4f150fd5a833a61492c9947b5b\", \"lessThan\": \"8253ff29edcb429a9a6c75710941c6a16a9a34b1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"96780ca55e3cbf4f150fd5a833a61492c9947b5b\", \"lessThan\": \"ce6d9c1c2b5cc785016faa11b48b6cd317eb367e\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/nfs/file.c\", \"include/linux/compaction.h\", \"include/linux/sched.h\", \"mm/compaction.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.3\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.83\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.19\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.13.*\"}, {\"status\": \"unaffected\", \"version\": \"6.14\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/nfs/file.c\", \"include/linux/compaction.h\", \"include/linux/sched.h\", \"mm/compaction.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/ab0727d6e2196682351c25c1dd112136f6991f11\"}, {\"url\": \"https://git.kernel.org/stable/c/5ae31c54cff745832b9bd5b32e71f3d1b607cd1e\"}, {\"url\": \"https://git.kernel.org/stable/c/8253ff29edcb429a9a6c75710941c6a16a9a34b1\"}, {\"url\": \"https://git.kernel.org/stable/c/ce6d9c1c2b5cc785016faa11b48b6cd317eb367e\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\\n\\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\\n\\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\\n__filemap_get_folio):\\n\\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\\n\\n{---\\n[58] \\\"kcompactd0\\\"\\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\\n[\u003c0\u003e] compact_node+0xdb/0x120\\n[\u003c0\u003e] kcompactd+0x121/0x2e0\\n[\u003c0\u003e] kthread+0xcf/0x100\\n[\u003c0\u003e] ret_from_fork+0x31/0x40\\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\\n---}\\n\\n[akpm@linux-foundation.org: fix build]\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.83\", \"versionStartIncluding\": \"6.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.19\", \"versionStartIncluding\": \"6.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.13.7\", \"versionStartIncluding\": \"6.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.14\", \"versionStartIncluding\": \"6.3\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:24:04.110Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-21908\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-01T19:26:34.548Z\", \"dateReserved\": \"2024-12-29T08:45:45.786Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-04-01T15:40:48.171Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.