{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-21889","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-29T08:45:45.782Z","datePublished":"2025-03-27T14:57:15.897Z","dateUpdated":"2026-05-11T21:08:29.017Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:08:29.017Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t  lockdep_rcu_suspicious\n\t  ? perf_event_addr_filters_apply\n\t  perf_iterate_ctx\n\t  perf_event_exec\n\t  begin_new_exec\n\t  ? load_elf_phdrs\n\t  load_elf_binary\n\t  ? lock_acquire\n\t  ? find_held_lock\n\t  ? bprm_execve\n\t  bprm_execve\n\t  do_execveat_common.isra.0\n\t  __x64_sys_execve\n\t  do_syscall_64\n\t  entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/events/core.c"],"versions":[{"version":"bd27568117664b8b3e259721393df420ed51f57b","lessThan":"f390c2eea571945f357a2d3b9fcb1c015767132e","status":"affected","versionType":"git"},{"version":"bd27568117664b8b3e259721393df420ed51f57b","lessThan":"a2475ccad6120546ea45dbcd6cd1f74dc565ef6b","status":"affected","versionType":"git"},{"version":"bd27568117664b8b3e259721393df420ed51f57b","lessThan":"dd536566dda9a551fc2a2acfab5313a5bb13ed02","status":"affected","versionType":"git"},{"version":"bd27568117664b8b3e259721393df420ed51f57b","lessThan":"0fe8813baf4b2e865d3b2c735ce1a15b86002c74","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/events/core.c"],"versions":[{"version":"6.2","status":"affected"},{"version":"0","lessThan":"6.2","status":"unaffected","versionType":"semver"},{"version":"6.6.81","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.18","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13.6","lessThanOrEqual":"6.13.*","status":"unaffected","versionType":"semver"},{"version":"6.14","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.81"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.12.18"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.13.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.14"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/f390c2eea571945f357a2d3b9fcb1c015767132e"},{"url":"https://git.kernel.org/stable/c/a2475ccad6120546ea45dbcd6cd1f74dc565ef6b"},{"url":"https://git.kernel.org/stable/c/dd536566dda9a551fc2a2acfab5313a5bb13ed02"},{"url":"https://git.kernel.org/stable/c/0fe8813baf4b2e865d3b2c735ce1a15b86002c74"}],"title":"perf/core: Add RCU read lock protection to perf_iterate_ctx()","x_generator":{"engine":"bippy-1.2.0"}}}}