一、 漏洞 CVE-2025-21672 基础信息
漏洞标题
AFS: 修复合并优先级规则失败条件
来源:AIGC 神龙大模型
漏洞描述信息
在Linux内核中,已修复以下漏洞: afs: 修复合并优先级规则失败条件 syzbot报告了在返回用户空间时持有的锁[1]。这是因为当argc小于0且函数直接返回时,持有的inode锁不会被释放。 通过将错误存储在ret中并跳转到done进行清理而不是直接返回来修复此问题。 [dh: 修改了Lizhi Xu的原始补丁,使其尊重afs_split_string()的错误代码] [1] WARNING: lock held when returning to user space! 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 Not tainted ------------------------------------------------ syz-executor133/5823在离开内核时仍然持有锁! 持有的1个锁由syz-executor133/5823持有: #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:818 [inline] #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: afs_proc_addr_prefs_write+0x2bb/0x14e0 fs/afs/addr_prefs.c:388
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
来源:AIGC 神龙大模型
漏洞类别
对异常条件的处理不恰当
来源:AIGC 神龙大模型
漏洞标题
afs: Fix merge preference rule failure condition
来源:美国国家漏洞数据库 NVD
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace[1]. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by store the error in ret and jump to done to clean up instead of returning directly. [dh: Modified Lizhi Xu's original patch to make it honour the error code from afs_split_string()] [1] WARNING: lock held when returning to user space! 6.13.0-rc3-syzkaller-00209-g499551201b5f #0 Not tainted ------------------------------------------------ syz-executor133/5823 is leaving the kernel with locks still held! 1 lock held by syz-executor133/5823: #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:818 [inline] #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: afs_proc_addr_prefs_write+0x2bb/0x14e0 fs/afs/addr_prefs.c:388
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
二、漏洞 CVE-2025-21672 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2025-21672 的情报信息