{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T22:32:49.534","vulnerabilities":[{"cve":{"id":"CVE-2025-21672","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-01-31T12:15:28.360","lastModified":"2025-10-01T20:18:18.587","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix merge preference rule failure condition\n\nsyzbot reported a lock held when returning to userspace[1].  This is\nbecause if argc is less than 0 and the function returns directly, the held\ninode lock is not released.\n\nFix this by store the error in ret and jump to done to clean up instead of\nreturning directly.\n\n[dh: Modified Lizhi Xu's original patch to make it honour the error code\nfrom afs_split_string()]\n\n[1]\nWARNING: lock held when returning to user space!\n6.13.0-rc3-syzkaller-00209-g499551201b5f #0 Not tainted\n------------------------------------------------\nsyz-executor133\/5823 is leaving the kernel with locks still held!\n1 lock held by syz-executor133\/5823:\n #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include\/linux\/fs.h:818 [inline]\n #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: afs_proc_addr_prefs_write+0x2bb\/0x14e0 fs\/afs\/addr_prefs.c:388"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: afs: Se corrige la condición de error de la regla de preferencia de fusión. syzbot informó de un bloqueo retenido al volver al espacio de usuario[1]. Esto se debe a que si argc es menor que 0 y la función retorna directamente, el bloqueo del inodo retenido no se libera. Corrija esto almacenando el error en ret y saltando a done para limpiar en lugar de regresar directamente. [dh: Se modificó el parche original de Lizhi Xu para que respete el código de error de afs_split_string()] [1] ADVERTENCIA: ¡bloqueo retenido al volver al espacio de usuario! 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 No contaminado ------------------------------------------------ ¡syz-executor133\/5823 está abandonando el kernel con bloqueos aún retenidos! 1 bloqueo mantenido por syz-executor133\/5823: #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, en: inode_lock include\/linux\/fs.h:818 [en línea] #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, en: afs_proc_addr_prefs_write+0x2bb\/0x14e0 fs\/afs\/addr_prefs.c:388"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-667"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-667"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.11","matchCriteriaId":"DFD823CF-B7AE-4315-B6BD-3BE57B376574"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*","matchCriteriaId":"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*","matchCriteriaId":"5A073481-106D-4B15-B4C7-FB0213B8E1D4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*","matchCriteriaId":"DE491969-75AE-4A6B-9A58-8FC5AF98798F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*","matchCriteriaId":"93C0660D-7FB8-4FBA-892A-B064BA71E49E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*","matchCriteriaId":"034C36A6-C481-41F3-AE9A-D116E5BE6895"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*","matchCriteriaId":"8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2"}]}]}],"references":[{"url":"https:\/\/git.kernel.org\/stable\/c\/17a4fde81d3a7478d97d15304a6d61094a10c2e3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/22be1d90a6211c88dd093b25d1f3aa974d0d9f9d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}