{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-21691", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-29T08:45:45.742Z", "datePublished": "2025-02-10T15:58:47.219Z", "dateUpdated": "2025-03-24T15:38:57.946Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-24T15:38:57.946Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachestat: fix page cache statistics permission checking\n\nWhen the 'cachestat()' system call was added in commit cf264e1329fb\n(\"cachestat: implement cachestat syscall\"), it was meant to be a much\nmore convenient (and performant) version of mincore() that didn't need\nmapping things into the user virtual address space in order to work.\n\nBut it ended up missing the \"check for writability or ownership\" fix for\nmincore(), done in commit 134fca9063ad (\"mm/mincore.c: make mincore()\nmore conservative\").\n\nThis just adds equivalent logic to 'cachestat()', modified for the file\ncontext (rather than vma)."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/filemap.c"], "versions": [{"version": "cf264e1329fb0307e044f7675849f9f38b44c11a", "lessThan": "7d6405c13b0d8a8367cd8df63f118b619a3f0dd2", "status": "affected", "versionType": "git"}, {"version": "cf264e1329fb0307e044f7675849f9f38b44c11a", "lessThan": "780ab8329672464984cf1344bd5c3993af0226c7", "status": "affected", "versionType": "git"}, {"version": "cf264e1329fb0307e044f7675849f9f38b44c11a", "lessThan": "97153a05077f618f7471f50a78158602badccb30", "status": "affected", "versionType": "git"}, {"version": "cf264e1329fb0307e044f7675849f9f38b44c11a", "lessThan": "5f537664e705b0bf8b7e329861f20128534f6a83", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/filemap.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.75", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.12", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13.1", "lessThanOrEqual": "6.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/7d6405c13b0d8a8367cd8df63f118b619a3f0dd2"}, {"url": "https://git.kernel.org/stable/c/780ab8329672464984cf1344bd5c3993af0226c7"}, {"url": "https://git.kernel.org/stable/c/97153a05077f618f7471f50a78158602badccb30"}, {"url": "https://git.kernel.org/stable/c/5f537664e705b0bf8b7e329861f20128534f6a83"}], "title": "cachestat: fix page cache statistics permission checking", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachestat: fix page cache statistics permission checking\n\nWhen the 'cachestat()' system call was added in commit cf264e1329fb\n(\"cachestat: implement cachestat syscall\"), it was meant to be a much\nmore convenient (and performant) version of mincore() that didn't need\nmapping things into the user virtual address space in order to work.\n\nBut it ended up missing the \"check for writability or ownership\" fix for\nmincore(), done in commit 134fca9063ad (\"mm/mincore.c: make mincore()\nmore conservative\").\n\nThis just adds equivalent logic to 'cachestat()', modified for the file\ncontext (rather than vma)."}], "id": "CVE-2025-21691", "lastModified": "2025-02-10T16:15:38.660", "metrics": {}, "published": "2025-02-10T16:15:38.660", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5f537664e705b0bf8b7e329861f20128534f6a83"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/780ab8329672464984cf1344bd5c3993af0226c7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7d6405c13b0d8a8367cd8df63f118b619a3f0dd2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/97153a05077f618f7471f50a78158602badccb30"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: cachestat: fix page cache statistics permission checking", "id": "2344687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344687"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-863", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncachestat: fix page cache statistics permission checking\nWhen the 'cachestat()' system call was added in commit cf264e1329fb\n(\"cachestat: implement cachestat syscall\"), it was meant to be a much\nmore convenient (and performant) version of mincore() that didn't need\nmapping things into the user virtual address space in order to work.\nBut it ended up missing the \"check for writability or ownership\" fix for\nmincore(), done in commit 134fca9063ad (\"mm/mincore.c: make mincore()\nmore conservative\").\nThis just adds equivalent logic to 'cachestat()', modified for the file\ncontext (rather than vma)."], "name": "CVE-2025-21691", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-21691\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21691\nhttps://lore.kernel.org/linux-cve-announce/2025021055-CVE-2025-21691-2bd2@gregkh/T"], "threat_severity": "Moderate"}