Description

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from succeeding, even if the issue is corrected, unless the device is released. Additionally, cleanup is also needed in the less likely case of platform_device_register_full() failure. Besides, a consistent memory leak in lookup_table->dev_id was spotted using kmemleak by toggling the live state between 0 and 1 with a correct lookup table. Introduce gpio_virtuser_remove_lookup_table() as the counterpart to the existing gpio_virtuser_make_lookup_table() and call it from all necessary points to ensure proper cleanup.

INFO

Published Date :

2025-01-21T12:18:16.902Z

Last Modified :

2025-10-01T19:57:13.331Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-21661 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-21661.

URL Resource
https://git.kernel.org/stable/c/a619cba8c69c434258ff4101d463322cd63e1bdc cve-icon cve-icon
https://git.kernel.org/stable/c/d72d0126b1f6981f6ce8b4247305f359958c11b5 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025012134-CVE-2025-21661-2a1e@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-21661 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-21661 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact