Vulnerability Details CVE-2025-21671
In the Linux kernel, the following vulnerability has been resolved:
zram: fix potential UAF of zram table
If zram_meta_alloc failed early, it frees allocated zram->table without
setting it NULL. Which will potentially cause zram_meta_free to access
the table if user reset an failed and uninitialized device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.2%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2025-21671
-
cpe:2.3:o:linux:linux_kernel:6.1.122
-
cpe:2.3:o:linux:linux_kernel:6.1.123
-
cpe:2.3:o:linux:linux_kernel:6.1.124
-
cpe:2.3:o:linux:linux_kernel:6.1.125
-
cpe:2.3:o:linux:linux_kernel:6.1.126
-
cpe:2.3:o:linux:linux_kernel:6.12.10
-
cpe:2.3:o:linux:linux_kernel:6.12.7
-
cpe:2.3:o:linux:linux_kernel:6.12.8
-
cpe:2.3:o:linux:linux_kernel:6.12.9
-
cpe:2.3:o:linux:linux_kernel:6.6.68
-
cpe:2.3:o:linux:linux_kernel:6.6.69
-
cpe:2.3:o:linux:linux_kernel:6.6.70
-
cpe:2.3:o:linux:linux_kernel:6.6.71
-
cpe:2.3:o:linux:linux_kernel:6.6.72
-
cpe:2.3:o:linux:linux_kernel:6.6.73