CVE-2025-21665 is a vulnerability identified in the Linux kernel affecting 32-bit kernel versions when using the XFS filesystem. The root cause lies in the filemap subsystem, specifically in the function folio_seek_hole_data(), which is responsible for locating holes (unallocated or zeroed regions) within files. In 32-bit kernels, this function inadvertently truncates a 64-bit offset value to 32 bits. This truncation causes incorrect handling of file offsets during write operations on XFS filesystems. The consequence of this truncation is a potential infinite loop during write operations, which can lead to system hangs or denial of service (DoS) conditions. The vulnerability arises because the 32-bit kernel cannot correctly process large file offsets, leading to logical errors in file mapping and offset calculations. This issue does not require user interaction or authentication to be exploited, but it is limited to systems running 32-bit Linux kernels with the XFS filesystem. The vulnerability was resolved by correcting the offset handling to properly maintain 64-bit values, preventing the truncation and the resulting infinite loop. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.

For European organizations, the impact of CVE-2025-21665 primarily involves potential denial of service conditions on affected Linux systems running 32-bit kernels with XFS filesystems. Organizations relying on legacy or embedded 32-bit Linux systems, particularly those using XFS for storage, may experience system instability or crashes during file write operations, disrupting business-critical applications and services. While modern 64-bit systems are not affected, certain industrial control systems, embedded devices, or legacy infrastructure in sectors such as manufacturing, telecommunications, or government may still use 32-bit kernels. The infinite loop could lead to resource exhaustion, requiring manual intervention or system reboots, thus impacting availability. Confidentiality and integrity impacts are minimal since the vulnerability does not allow arbitrary code execution or data corruption beyond the infinite loop condition. However, availability degradation can have cascading effects on operational continuity, especially in environments with strict uptime requirements.

To mitigate CVE-2025-21665, European organizations should: 1) Identify and inventory all Linux systems running 32-bit kernels, especially those utilizing the XFS filesystem. 2) Apply the official Linux kernel patches that fix the offset truncation issue as soon as they become available. 3) Where patching is not immediately feasible, consider migrating critical workloads to 64-bit Linux systems, which are not affected by this vulnerability. 4) Implement monitoring for unusual system behavior such as unexpected hangs or infinite loops during file write operations on XFS volumes. 5) For embedded or legacy devices, coordinate with vendors for firmware or kernel updates addressing this vulnerability. 6) Establish incident response procedures to quickly recover affected systems, including automated reboots or failover mechanisms to minimize downtime. 7) Avoid using 32-bit kernels for new deployments, especially in environments requiring high availability and stability.