{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-40021","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.152Z","datePublished":"2025-10-24T12:24:57.107Z","dateUpdated":"2026-05-11T21:40:56.795Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:40:56.795Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: dynevent: Add a missing lockdown check on dynevent\n\nSince dynamic_events interface on tracefs is compatible with\nkprobe_events and uprobe_events, it should also check the lockdown\nstatus and reject if it is set."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/trace/trace_dynevent.c"],"versions":[{"version":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5","lessThan":"f3ac1f4eaba58e57943efa3e8b8d71fa7aab0abf","status":"affected","versionType":"git"},{"version":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5","lessThan":"0d41604d2d53c1abe27fefb54b37a8f6642a4d74","status":"affected","versionType":"git"},{"version":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5","lessThan":"07b1f63b5f86765793fab44d3d4c2be681cddafb","status":"affected","versionType":"git"},{"version":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5","lessThan":"3887f3814c0e770e6b73567fe0f83a2c01a6470c","status":"affected","versionType":"git"},{"version":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5","lessThan":"573b1e39edfcb7b4eecde0f1664455a1f4462eee","status":"affected","versionType":"git"},{"version":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5","lessThan":"b47c4e06687a5a7b6c6ef4bd303fcfe4430b26bb","status":"affected","versionType":"git"},{"version":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5","lessThan":"456c32e3c4316654f95f9d49c12cbecfb77d5660","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/trace/trace_dynevent.c"],"versions":[{"version":"5.4","status":"affected"},{"version":"0","lessThan":"5.4","status":"unaffected","versionType":"semver"},{"version":"5.10.245","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.194","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.155","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.109","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.50","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.16.10","lessThanOrEqual":"6.16.*","status":"unaffected","versionType":"semver"},{"version":"6.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.10.245"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.15.194"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.1.155"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.6.109"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.12.50"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.16.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"6.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/f3ac1f4eaba58e57943efa3e8b8d71fa7aab0abf"},{"url":"https://git.kernel.org/stable/c/0d41604d2d53c1abe27fefb54b37a8f6642a4d74"},{"url":"https://git.kernel.org/stable/c/07b1f63b5f86765793fab44d3d4c2be681cddafb"},{"url":"https://git.kernel.org/stable/c/3887f3814c0e770e6b73567fe0f83a2c01a6470c"},{"url":"https://git.kernel.org/stable/c/573b1e39edfcb7b4eecde0f1664455a1f4462eee"},{"url":"https://git.kernel.org/stable/c/b47c4e06687a5a7b6c6ef4bd303fcfe4430b26bb"},{"url":"https://git.kernel.org/stable/c/456c32e3c4316654f95f9d49c12cbecfb77d5660"}],"title":"tracing: dynevent: Add a missing lockdown check on dynevent","x_generator":{"engine":"bippy-1.2.0"}}}}