{"uuid": "328f8a72-ea08-4dc4-96fc-a4e5c9e9917f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21672", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3657", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21672\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix merge preference rule failure condition\n\nsyzbot reported a lock held when returning to userspace[1].  This is\nbecause if argc is less than 0 and the function returns directly, the held\ninode lock is not released.\n\nFix this by store the error in ret and jump to done to clean up instead of\nreturning directly.\n\n[dh: Modified Lizhi Xu's original patch to make it honour the error code\nfrom afs_split_string()]\n\n[1]\nWARNING: lock held when returning to user space!\n6.13.0-rc3-syzkaller-00209-g499551201b5f #0 Not tainted\n------------------------------------------------\nsyz-executor133/5823 is leaving the kernel with locks still held!\n1 lock held by syz-executor133/5823:\n #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:818 [inline]\n #0: ffff888071cffc00 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: afs_proc_addr_prefs_write+0x2bb/0x14e0 fs/afs/addr_prefs.c:388\n\ud83d\udccf Published: 2025-01-31T12:33:02Z\n\ud83d\udccf Modified: 2025-01-31T12:33:02Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-21672\n2. https://git.kernel.org/stable/c/17a4fde81d3a7478d97d15304a6d61094a10c2e3\n3. https://git.kernel.org/stable/c/22be1d90a6211c88dd093b25d1f3aa974d0d9f9d", "creation_timestamp": "2025-01-31T13:15:10.000000Z"}