Description

In the Linux kernel, the following vulnerability has been resolved: mm: clear uffd-wp PTE/PMD state on mremap() When mremap()ing a memory region previously registered with userfaultfd as write-protected but without UFFD_FEATURE_EVENT_REMAP, an inconsistency in flag clearing leads to a mismatch between the vma flags (which have uffd-wp cleared) and the pte/pmd flags (which do not have uffd-wp cleared). This mismatch causes a subsequent mprotect(PROT_WRITE) to trigger a warning in page_table_check_pte_flags() due to setting the pte to writable while uffd-wp is still set. Fix this by always explicitly clearing the uffd-wp pte/pmd flags on any such mremap() so that the values are consistent with the existing clearing of VM_UFFD_WP. Be careful to clear the logical flag regardless of its physical form; a PTE bit, a swap PTE bit, or a PTE marker. Cover PTE, huge PMD and hugetlb paths.

INFO

Published Date :

2025-02-12T13:27:54.905Z

Last Modified :

2025-10-01T19:57:09.649Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-21696 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-21696.

URL Resource
https://git.kernel.org/stable/c/0cef0bb836e3cfe00f08f9606c72abd72fe78ca3 cve-icon cve-icon
https://git.kernel.org/stable/c/310ac886d68de661c3a334198d8604b722d7fdf8 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025021259-CVE-2025-21696-2482@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-21696 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-21696 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact