摘要:
In the Linux kernel, the following vulnerability has been resolved:
fs/netfs/read_collect: add to next->prev_donated
If multiple subrequests donate data to the same "next" request
(depending on the subrequest completion order), each of them would
overwrite the `prev_donated` field, causing data corruption and a
BUG() crash ("Can't donate prior to front").
安全等级: Low
公告ID: KylinSec-SA-2025-2365
发布日期: 2025年4月20日
关联CVE: CVE-2025-21988
Linux 内核中发现以下漏洞并已修复:
fs/netfs/read_collect:添加至 next->prev_donated
当多个子请求向同一个"next"请求捐赠数据时(取决于子请求的完成顺序),每个子请求都会覆盖prev_donated字段,导致数据损坏并引发BUG()崩溃("不能在front之前捐赠")。
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2025-21988 | KY3.4-5 | kernel | Unaffected |
| CVE-2025-21988 | V6 | kernel | Unaffected |
