
CVE-2025-21908: Vulnerability in Linux Linux

High
Published: Tue Apr 01 2025 (04/01/2025, 15:40:48 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback

Add PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so nfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.

Otherwise NFS can deadlock waiting for kcompactd induced writeback which recurses back to NFS (which triggers writeback to NFSD via NFS loopback mount on the same host, NFSD blocks waiting for XFS's call to __filemap_get_folio):

6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.

{---
[58] "kcompactd0"
[<0>] folio_wait_bit+0xe8/0x200
[<0>] folio_wait_writeback+0x2b/0x80
[<0>] nfs_wb_folio+0x80/0x1b0 [nfs]
[<0>] nfs_release_folio+0x68/0x130 [nfs]
[<0>] split_huge_page_to_list_to_order+0x362/0x840
[<0>] migrate_pages_batch+0x43d/0xb90
[<0>] migrate_pages_sync+0x9a/0x240
[<0>] migrate_pages+0x93c/0x9f0
[<0>] compact_zone+0x8e2/0x1030
[<0>] compact_node+0xdb/0x120
[<0>] kcompactd+0x121/0x2e0
[<0>] kthread+0xcf/0x100
[<0>] ret_from_fork+0x31/0x40
[<0>] ret_from_fork_asm+0x1a/0x30
---}

[akpm@linux-foundation.org: fix build]

AI-Powered Analysis

Last updated: 06/30/2025, 10:39:55 UTC

Technical Analysis

CVE-2025-21908 is a vulnerability identified in the Linux kernel related to the Network File System (NFS) implementation, specifically in the function nfs_release_folio(). The issue arises from a deadlock condition triggered during memory compaction operations handled by the kernel's kcompactd thread. The root cause is that nfs_release_folio() calls nfs_wb_folio(), which initiates writeback operations. When these writebacks occur in the context of kcompactd, a recursive deadlock can happen because kcompactd waits on writeback completion that in turn triggers NFS writeback to the NFS daemon (NFSD) via a loopback mount on the same host. NFSD then blocks waiting for XFS filesystem operations, creating a circular dependency that halts the kcompactd thread indefinitely. This deadlock can severely impact system stability and performance, as kcompactd is responsible for memory compaction, a critical kernel function for managing memory fragmentation. The fix introduced involves adding a PF_KCOMPACTD flag and a helper function current_is_kcompactd() to detect when the current context is kcompactd, allowing nfs_release_folio() to skip calling nfs_wb_folio() in this scenario, thus preventing the deadlock. This vulnerability affects Linux kernel versions identified by the given commit hashes and was publicly disclosed on April 1, 2025. There are no known exploits in the wild at this time, and no CVSS score has been assigned yet.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with NFS mounts, especially those using XFS filesystems and relying on memory compaction for performance optimization. The deadlock can cause prolonged system hangs or degraded performance, impacting availability of critical services that depend on NFS for file sharing and storage. This is particularly relevant for data centers, cloud service providers, and enterprises using Linux-based infrastructure with NFS storage backends. The deadlock could lead to denial of service conditions, affecting business continuity and potentially causing cascading failures in multi-tenant environments. While this vulnerability does not directly expose confidentiality or integrity risks, the availability impact can be significant, especially in high-demand environments. The absence of known exploits reduces immediate risk, but unpatched systems remain vulnerable to potential future exploitation or accidental triggering of the deadlock under heavy memory compaction and NFS load conditions.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernel to versions that include the fix for CVE-2025-21908. Specifically, kernel versions incorporating the PF_KCOMPACTD flag and the updated nfs_release_folio() logic should be deployed. System administrators should audit their environments for NFS usage patterns, particularly where loopback mounts and XFS filesystems are involved, as these configurations are more susceptible to the deadlock. Monitoring kernel logs for signs of kcompactd thread blocking or prolonged writeback delays can help identify affected systems. In environments where immediate patching is not feasible, temporarily reducing memory compaction aggressiveness or adjusting NFS mount options to minimize writeback recursion may mitigate the risk. Additionally, thorough testing of kernel updates in staging environments is recommended to ensure compatibility and stability before production deployment. Implementing robust system monitoring and alerting for kernel thread stalls will aid in early detection of this issue.
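The log monitoring recommended above can be automated. The following is an added example, not code from the kernel project or from this advisory: it scans kernel log text for hung-task reports in which a kcompactd thread is blocked in nfs_wb_folio() called from nfs_release_folio(), the frame pair shown in the Description. The function name, the sample log layout and the timestamps other than the first are assumptions constructed for illustration.

```python
import re

HUNG = re.compile(r"INFO: task (\S+):(\d+) blocked for more than (\d+) seconds")
FRAME = re.compile(r"\b([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Callee first, then caller, as in the trace quoted in the Description.
SIGNATURE = ("nfs_wb_folio", "nfs_release_folio")

# Constructed sample log: the first report reuses frames from the Description;
# the other two are invented near-misses that must not be flagged.
SAMPLE_LOG = """\
[ 6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.
[ 6070.550360]  folio_wait_bit+0xe8/0x200
[ 6070.550361]  folio_wait_writeback+0x2b/0x80
[ 6070.550362]  nfs_wb_folio+0x80/0x1b0 [nfs]
[ 6070.550363]  nfs_release_folio+0x68/0x130 [nfs]
[ 6070.550364]  split_huge_page_to_list_to_order+0x362/0x840
[ 6070.550365]  kcompactd+0x121/0x2e0
[ 6071.000001] INFO: task kworker/u8:3:412 blocked for more than 122 seconds.
[ 6071.000002]  nfs_wb_folio+0x80/0x1b0 [nfs]
[ 6071.000003]  nfs_release_folio+0x68/0x130 [nfs]
[ 6072.000001] INFO: task kcompactd1:59 blocked for more than 122 seconds.
[ 6072.000002]  compact_zone+0x8e2/0x1030
[ 6072.000003]  kcompactd+0x121/0x2e0
"""

def find_kcompactd_nfs_stalls(log_text):
    """Return hung-task reports where kcompactd is stuck in NFS writeback."""
    reports, current = [], None
    for line in log_text.splitlines():
        m = HUNG.search(line)
        if m:  # a new hung-task report starts here
            current = {"task": m.group(1), "pid": int(m.group(2)),
                       "seconds": int(m.group(3)), "frames": []}
            reports.append(current)
            continue
        f = FRAME.search(line)
        if f and current is not None:
            current["frames"].append(f.group(1))
    hits = []
    for r in reports:
        if not r["task"].startswith("kcompactd"):
            continue  # NFS writeback from other tasks is not this deadlock
        pos = [r["frames"].index(s) if s in r["frames"] else -1 for s in SIGNATURE]
        if -1 not in pos and pos[0] < pos[1]:  # callee above caller on the stack
            hits.append(r)
    return hits

if __name__ == "__main__":
    for hit in find_kcompactd_nfs_stalls(SAMPLE_LOG):
        print(f"{hit['task']} (pid {hit['pid']}) blocked {hit['seconds']}s in NFS writeback")
```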


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-12-29T08:45:45.786Z
Cisa Enriched: false
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9833c4522896dcbe8b8a

Added to database: 5/21/2025, 9:09:07 AM

Last enriched: 6/30/2025, 10:39:55 AM

Last updated: 8/16/2025, 9:31:35 PM
