CVE-2025-21950

HIGH

Linux Kernel - Information Disclosure via Uninitialized Memory in pmcmd_ioctl

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved:

drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl

In the "pmcmd_ioctl" function, three memory objects allocated by kmalloc are initialized by "hcall_get_cpu_state", which are then copied to user space. The initializer is indeed implemented in "acrn_hypercall2" (arch/x86/include/asm/acrn.h). There is a risk of information leakage due to uninitialized bytes.
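The allocate, initialize and copy-out pattern from the description, as an added userspace model; it is not the kernel's or the ACRN driver's code. `struct state_reply`, the `model_*` helpers and the `0xA5` poison value are constructed for illustration, and the initializer that fills only part of the object is an assumption standing in for an initializer the driver cannot inspect.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define POISON 0xA5 /* constructed stand-in for stale heap contents */

/* Hypothetical 16-byte reply layout; not the ACRN structure. */
struct state_reply { unsigned int state; unsigned char detail[12]; };

/* Models kmalloc(): the object still holds whatever was there before. */
static void *model_kmalloc(size_t n) {
    void *p = malloc(n);
    if (p) memset(p, POISON, n);
    return p;
}

/* Models kzalloc(): same allocation, zero-filled before use. */
static void *model_kzalloc(size_t n) { return calloc(1, n); }

/* Assumption: the initializer writes only the first `filled` bytes. */
static void model_initializer(struct state_reply *r, size_t filled) {
    if (filled > sizeof(*r)) filled = sizeof(*r);
    memset(r, 0x01, filled);
}

/* Models the ioctl path: allocate, initialize, copy the whole object out.
 * Returns how many stale (never written) bytes reached the caller. */
static size_t stale_bytes_copied_out(void *(*alloc)(size_t), size_t filled) {
    unsigned char out[sizeof(struct state_reply)];
    struct state_reply *r = alloc(sizeof(*r));
    size_t stale = 0;
    if (!r) return (size_t)-1;
    model_initializer(r, filled);
    memcpy(out, r, sizeof(out)); /* stands in for copy_to_user() */
    free(r);
    for (size_t i = 0; i < sizeof(out); i++)
        if (out[i] == POISON) stale++;
    return stale;
}

int main(void) {
    printf("kmalloc model: %zu stale bytes\n", stale_bytes_copied_out(model_kmalloc, 4));
    printf("kzalloc model: %zu stale bytes\n", stale_bytes_copied_out(model_kzalloc, 4));
    return 0;
}
```

With zero-filled allocation the copy-out stays clean no matter how many bytes the initializer writes, which is why the fix does not depend on auditing the initializer.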

Scores

CVSS v3 7.1
EPSS 0.0001
EPSS Percentile 1.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

Status published
Products (22)
debian/debian_linux 11.0
linux/Kernel 5.12.0 - 5.15.179
linux/Kernel 5.16.0 - 6.1.131
linux/Kernel 6.13.0 - 6.13.7
linux/Kernel 6.2.0 - 6.6.83
linux/Kernel 6.7.0 - 6.12.19
Linux/Linux < 5.12
Linux/Linux 3d679d5aec648f50e645702929890b9611998a0b - 1b8f7a2caa7f9cdfd135e3f78eb9d7e36fb95083
Linux/Linux 3d679d5aec648f50e645702929890b9611998a0b - 4e15cf870d2c748e45d45ffc4d5b1dc1b7d50120
Linux/Linux 3d679d5aec648f50e645702929890b9611998a0b - 524f29d78c9bdeb49f31f5b0376a07d2fc5cf563
... and 12 more
Published Apr 01, 2025
Tracked Since Feb 18, 2026