{"uuid": "5d56e0fc-f836-4fd8-9000-d5d90af40e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21691", "type": "seen", "source": "https://t.me/cvedetector/17570", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21691 - Linux Kernel cachestat Permission Checking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21691 \nPublished : Feb. 10, 2025, 4:15 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ncachestat: fix page cache statistics permission checking  \n  \nWhen the 'cachestat()' system call was added in commit cf264e1329fb  \n(\"cachestat: implement cachestat syscall\"), it was meant to be a much  \nmore convenient (and performant) version of mincore() that didn't need  \nmapping things into the user virtual address space in order to work.  \n  \nBut it ended up missing the \"check for writability or ownership\" fix for  \nmincore(), done in commit 134fca9063ad (\"mm/mincore.c: make mincore()  \nmore conservative\").  \n  \nThis just adds equivalent logic to 'cachestat()', modified for the file  \ncontext (rather than vma). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T18:45:43.000000Z"}