CVE-2025-21866

Summary

CVE-2025-21866 is a vulnerability in the Linux kernel's PowerPC architecture that affects the code-patching functionality. This issue was discovered during a KASAN hit reported by Erhard on a PowerMac G4 system. The vulnerability occurs when a text patching area is not flagged as VM_ALLOC, leading to a KASAN (Kernel Address Sanitizer) out-of-bounds write issue. The area in question is allocated using get_vm_area() and is not supposed to be used before a call to __vmalloc_node_range(). However, since it is not vmalloc memory, no VM flag is passed, and the area remains unpoisoned and usable immediately. This vulnerability went undetected until commit e4137f08816b, which added instrumentation to copy_from/to_kernel_nofault functions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.