CVE-2025-21949: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Set hugetlb mmap base address aligned with pmd size

With ltp test case "testcases/bin/hugefork02", there is a dmesg error report message such as:

    kernel BUG at mm/hugetlb.c:5550!
    Oops - BUG[#1]:
    CPU: 0 UID: 0 PID: 1517 Comm: hugefork02 Not tainted 6.14.0-rc2+ #241
    Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022
    pc 90000000004eaf1c ra 9000000000485538 tp 900000010edbc000 sp 900000010edbf940
    a0 900000010edbfb00 a1 9000000108d20280 a2 00007fffe9474000 a3 00007ffff3474000
    a4 0000000000000000 a5 0000000000000003 a6 00000000003cadd3 a7 0000000000000000
    t0 0000000001ffffff t1 0000000001474000 t2 900000010ecd7900 t3 00007fffe9474000
    t4 00007fffe9474000 t5 0000000000000040 t6 900000010edbfb00 t7 0000000000000001
    t8 0000000000000005 u0 90000000004849d0 s9 900000010edbfa00 s0 9000000108d20280
    s1 00007fffe9474000 s2 0000000002000000 s3 9000000108d20280 s4 9000000002b38b10
    s5 900000010edbfb00 s6 00007ffff3474000 s7 0000000000000406 s8 900000010edbfa08
       ra: 9000000000485538 unmap_vmas+0x130/0x218
      ERA: 90000000004eaf1c __unmap_hugepage_range+0x6f4/0x7d0
     PRMD: 00000004 (PPLV0 +PIE -PWE)
     EUEN: 00000007 (+FPE +SXE +ASXE -BTE)
     ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)
    ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0)
     PRID: 0014c010 (Loongson-64bit, Loongson-3A5000)
    Process hugefork02 (pid: 1517, threadinfo=00000000a670eaf4, task=000000007a95fc64)
    Call Trace:
    [<90000000004eaf1c>] __unmap_hugepage_range+0x6f4/0x7d0
    [<9000000000485534>] unmap_vmas+0x12c/0x218
    [<9000000000494068>] exit_mmap+0xe0/0x308
    [<900000000025fdc4>] mmput+0x74/0x180
    [<900000000026a284>] do_exit+0x294/0x898
    [<900000000026aa30>] do_group_exit+0x30/0x98
    [<900000000027bed4>] get_signal+0x83c/0x868
    [<90000000002457b4>] arch_do_signal_or_restart+0x54/0xfa0
    [<90000000015795e8>] irqentry_exit_to_user_mode+0xb8/0x138
    [<90000000002572d0>] tlb_do_page_fault_1+0x114/0x1b4

The problem is that base address allocated from hugetlbfs is not aligned with pmd size. Here add a checking for hugetlbfs and align base address with pmd size. After this patch the test case "testcases/bin/hugefork02" passes to run.

This is similar to the commit 7f24cbc9c4d42db8a3c8484d1 ("mm/mmap: teach generic_get_unmapped_area{_topdown} to handle hugetlb mappings").
AI Analysis
Technical Summary
CVE-2025-21949 is a vulnerability in the Linux kernel that specifically affects the LoongArch architecture. The issue arises because the base address allocated from hugetlbfs (the HugeTLB filesystem) is not aligned with the page middle directory (PMD) size. HugeTLB is a Linux feature that allows the use of large memory pages to improve performance for memory-intensive applications. The vulnerability manifests as a kernel BUG and Oops during execution of the LTP test case "testcases/bin/hugefork02", indicating a critical fault in the memory management subsystem. The root cause is that the base address for huge page mappings was not aligned with the PMD size, which is a fundamental requirement for correct memory mapping and management. This misalignment can lead to kernel crashes and instability, as demonstrated by the Oops and call trace provided. The patch adds a check for hugetlbfs and ensures that the base address is aligned with the PMD size, so the kernel no longer hits the BUG during unmapping operations. The fix is in line with earlier kernel work on hugetlb mappings, such as commit 7f24cbc9c4d42db8a3c8484d1, which taught the generic_get_unmapped_area functions to handle hugetlb mappings correctly. Although this vulnerability currently has no known exploits in the wild, it represents a significant stability and reliability risk for systems running vulnerable Linux kernel versions on the LoongArch architecture, particularly those using hugetlbfs for large memory page management.
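The alignment failure and its fix can be modeled in userspace. The following C sketch is an added example, not code from the kernel or from the patch: its function names are hypothetical, it assumes a 32 MiB PMD size (16 KiB base pages), and it treats the values in registers a2 and a3 of the oops above as the start and end of the hugetlb mapping, which is an interpretation rather than something the report states.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: 16 KiB base pages, so one PMD entry maps 32 MiB (0x2000000). */
#define PMD_SIZE_ASSUMED 0x2000000ULL

/* Values read from the oops on this page (registers a3 and a2); treating
 * them as the end and start of the hugetlb mapping is an interpretation. */
#define OOPS_END   0x00007ffff3474000ULL
#define OOPS_START 0x00007fffe9474000ULL

/* Model of the range sanity check done before huge pages are unmapped:
 * both ends must sit on a huge-page boundary. */
bool hugetlb_range_ok(uint64_t start, uint64_t end, uint64_t hpage_size)
{
    uint64_t mask = hpage_size - 1;
    return (start & mask) == 0 && (end & mask) == 0;
}

/* Simplified top-down placement: put a mapping of `len` bytes directly
 * below `gap_end`, then round the base down so no align_mask bit is set.
 * align_mask == 0 models the pre-fix behaviour for hugetlbfs files. */
uint64_t place_topdown(uint64_t gap_end, uint64_t len, uint64_t align_mask)
{
    uint64_t base = gap_end - len;
    return base - (base & align_mask);
}

int main(void)
{
    uint64_t len = OOPS_END - OOPS_START;   /* 160 MiB, five 32 MiB pages */
    uint64_t bad = place_topdown(OOPS_END, len, 0);
    uint64_t good = place_topdown(OOPS_END, len, PMD_SIZE_ASSUMED - 1);

    printf("unaligned base %#llx ok=%d\n", (unsigned long long)bad,
           hugetlb_range_ok(bad, bad + len, PMD_SIZE_ASSUMED));
    printf("aligned base   %#llx ok=%d\n", (unsigned long long)good,
           hugetlb_range_ok(good, good + len, PMD_SIZE_ASSUMED));
    return 0;
}
```

With no alignment mask the model reproduces the start address seen in the oops, which fails the range check; with the PMD-sized mask the base moves down to a 32 MiB boundary and the check passes.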
Potential Impact
For European organizations, the impact of CVE-2025-21949 primarily concerns systems running Linux kernels on the LoongArch architecture, which is less common than x86 or ARM but may be present in specialized environments or emerging markets. The vulnerability can cause kernel crashes and system instability, leading to potential denial of service (DoS) conditions. This can disrupt critical services, especially in data centers, cloud environments, or high-performance computing clusters that rely on huge pages for optimized memory management. Organizations using hugetlbfs for performance-critical applications may experience unexpected downtime or degraded performance, impacting business continuity. Additionally, kernel crashes can complicate forensic investigations and incident response efforts. While there is no evidence of exploitation in the wild, the vulnerability's presence in the kernel memory management subsystem means that attackers with local access could potentially trigger system crashes, affecting availability. For sectors such as finance, healthcare, and critical infrastructure in Europe, where uptime and data integrity are paramount, this vulnerability poses a moderate risk that must be addressed promptly to maintain operational resilience.
Mitigation Recommendations
1. Immediate patching: European organizations should prioritize updating their Linux kernels to versions that include the fix for CVE-2025-21949. Since this vulnerability affects the LoongArch architecture, ensure that kernel updates specific to this architecture are applied.
2. Kernel configuration review: Verify that hugetlbfs usage is necessary and configured correctly. If huge pages are not required, consider disabling hugetlbfs to reduce the attack surface.
3. Testing and validation: Before deploying kernel updates in production, conduct thorough testing in staging environments to ensure stability and compatibility, especially for applications relying on huge pages.
4. Monitoring and alerting: Implement enhanced monitoring for kernel Oops and BUG messages in system logs to detect any attempts to exploit or trigger this vulnerability.
5. Access control: Restrict local access to systems running vulnerable kernels to trusted users only, minimizing the risk of local exploitation.
6. Incident response preparedness: Update incident response playbooks to include steps for handling kernel crashes related to hugetlbfs issues, ensuring rapid recovery and root cause analysis.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-12-29T08:45:45.790Z
- CISA Enriched: false
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9833c4522896dcbe8cba
Added to database: 5/21/2025, 9:09:07 AM
Last enriched: 6/30/2025, 11:09:46 AM
Last updated: 8/17/2025, 4:07:47 PM