[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-21727":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":140,"related":141,"reserved_at":9,"published_at":152,"modified_at":153,"state":154,"summary":155,"references_raw":164,"kevs":207,"epss":208,"epss_history":211,"metrics":482,"affected":490},"CVE-2025-21727","In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003CTASK>\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf 'mdelay(10)' is added before calling 'padata_find_next' in the\n'padata_reorder' function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(&pd->refcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps->pd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in 'while', if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n'padata_find_next', which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in 'padata_free_shell' wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138],{"_key":25},"SUSE-SU-2025:01919-1",{"_key":27},"SUSE-SU-2025:1177-1",{"_key":29},"SUSE-SU-2025:1178-1",{"_key":31},"SUSE-SU-2025:1180-1",{"_key":33},"DLA-4102-1",{"_key":35},"DLA-4178-1",{"_key":37},"RHSA-2025:12662",{"_key":39},"RHSA-2025:12746",{"_key":41},"RHSA-2025:13061",{"_key":43},"RHSA-2025:13589",{"_key":45},"RHSA-2025:13590",{"_key":47},"RHSA-2025:13633",{"_key":49},"RHSA-2025:13776",{"_key":51},"RHSA-2025:13781",{"_key":53},"RHSA-2025:14054",{"_key":55},"RHSA-2025:14094",{"_key":57},"RHSA-2025:15035",{"_key":59},"SUSE-SU-2025:20190-1",{"_key":61},"SUSE-SU-2025:20192-1",{"_key":63},"SUSE-SU-2025:20260-1",{"_key":65},"SUSE-SU-2025:20270-1",{"_key":67},"USN-7939-1",{"_key":69},"USN-7939-2",{"_key":71},"DEBIAN-CVE-2025-21727",{"_key":73},"RHSA-2020:4431",{"_key":75},"RHSA-2025:13135",{"_key":77},"RHSA-2025:20095",{"_key":79},"RHSA-2025:20518",{"_key":81},"LSN-0116-1",{"_key":83},"UBUNTU-CVE-2025-21727",{"_key":85},"USN-7510-1",{"_key":87},"USN-7510-2",{"_key":89},"USN-7510-3",{"_key":91},"USN-7510-4",{"_key":93},"USN-7510-5",{"_key":95},"USN-7510-6",{"_key":97},"USN-7510-7",{"_key":99},"USN-7510-8",{"_key":101},"USN-7593-1",{"_key":103},"USN-7602-1",{"_key":105},"USN-7874-1",{"_key":107},"USN-7874-2",{"_key":109},"USN-7874-3",{"_key":111},"USN-7511-1",{"_key":113},"USN-7511-2",{"_key":115},"USN-7511-3",{"_key":117},"USN-7512-1",{"_key":119},"USN-7521-1",{"_key":121},"USN-7521-3",{"_key":123},"USN-7651-1",{"_key":125},"USN-7651-2",{"_key":127},"USN-7651-3",{"_key":129},"USN-7651-4",{"_key":131},"USN-7651-5",{"_key":133},"USN-7651-6",{"_key":135},"USN-7652-1",{"_key":137},"USN-7653-1",{"_key":139},"USN-7737-1",[],[142,143,145,146,147,148,149,150,151],{"_key":25},{"_key":144},"USN-7521-2",{"_key":27},{"_key":29},{"_key":31},{"_key":59},{"_key":61},{"_key":63},{"_key":65},"2025-02-27T02:07:33.501Z","2026-05-12T12:03:30.794Z","Modified",{"cisa_kev":156,"cisa_ransomware":156,"cisa_vendor":9,"epss_severity":157,"epss_score":158,"severity":159,"severity_score":160,"severity_version":161,"severity_source":162,"severity_vector":163,"severity_status":154},false,"low",0.00025,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[165,171,175,179,183,187,191,195,199,203],{"url":166,"sources":167,"tags":169},"https://git.kernel.org/stable/c/f78170bee51469734b1a306a74fc5f777bb22ba6",[162,168],"nvd",[170],"Patch",{"url":172,"sources":173,"tags":174},"https://git.kernel.org/stable/c/f3e0b9f790f8e8065d59e67b565a83154d9f3079",[162,168],[170],{"url":176,"sources":177,"tags":178},"https://git.kernel.org/stable/c/0ae2f332cfd2d74cf3ce344ec9938cf3e29c3ccd",[162,168],[170],{"url":180,"sources":181,"tags":182},"https://git.kernel.org/stable/c/bbccae982e9fa1d7abcb23a5ec81cb0ec883f7de",[162,168],[170],{"url":184,"sources":185,"tags":186},"https://git.kernel.org/stable/c/573ac9c70bf7885dc85d82fa44550581bfc3b738",[162,168],[170],{"url":188,"sources":189,"tags":190},"https://git.kernel.org/stable/c/80231f069240d52e98b6a317456c67b2eafd0781",[162,168],[170],{"url":192,"sources":193,"tags":194},"https://git.kernel.org/stable/c/e01780ea4661172734118d2a5f41bc9720765668",[162,168],[170],{"url":196,"sources":197,"tags":198},"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",[162,168],[],{"url":200,"sources":201,"tags":202},"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html",[162,168],[],{"url":204,"sources":205,"tags":206},"https://cert-portal.siemens.com/productcert/html/ssa-265688.html",[162,168],[],[],{"date":209,"score":158,"percentile":210},"2026-06-03",0.07409,[212,216,219,222,225,228,231,234,237,240,244,247,250,253,256,260,263,267,270,273,277,280,283,286,289,292,295,298,301,304,306,309,312,315,318,321,324,327,330,333,336,339,341,344,347,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,428,431,434,437,440,443,446,448,451,454,456,459,462,465,467,470,473,476,479],{"date":213,"score":214,"percentile":215},"2025-11-04",0.00033,0.08719,{"date":217,"score":214,"percentile":218},"2025-11-05",0.0873,{"date":220,"score":214,"percentile":221},"2025-11-06",0.08852,{"date":223,"score":214,"percentile":224},"2025-11-07",0.0887,{"date":226,"score":214,"percentile":227},"2025-11-08",0.08867,{"date":229,"score":214,"percentile":230},"2025-11-09",0.08836,{"date":232,"score":214,"percentile":233},"2025-11-10",0.08793,{"date":235,"score":214,"percentile":236},"2025-11-11",0.08823,{"date":238,"score":214,"percentile":239},"2025-11-12",0.08862,{"date":241,"score":242,"percentile":243},"2025-11-13",0.00035,0.09713,{"date":245,"score":242,"percentile":246},"2025-11-14",0.09739,{"date":248,"score":242,"percentile":249},"2025-11-15",0.09749,{"date":251,"score":242,"percentile":252},"2025-11-16",0.09757,{"date":254,"score":242,"percentile":255},"2025-11-17",0.09747,{"date":257,"score":258,"percentile":259},"2025-11-18",0.00054,0.12403,{"date":261,"score":258,"percentile":262},"2025-11-19",0.12422,{"date":264,"score":265,"percentile":266},"2025-11-20",0.00037,0.06462,{"date":268,"score":265,"percentile":269},"2025-11-21",0.10462,{"date":271,"score":265,"percentile":272},"2025-11-22",0.10467,{"date":274,"score":275,"percentile":276},"2025-11-23",0.00039,0.11526,{"date":278,"score":275,"percentile":279},"2025-11-24",0.11479,{"date":281,"score":275,"percentile":282},"2025-11-25",0.11482,{"date":284,"score":275,"percentile":285},"2025-11-26",0.11473,{"date":287,"score":275,"percentile":288},"2025-11-27",0.1148,{"date":290,"score":275,"percentile":291},"2025-11-28",0.11474,{"date":293,"score":275,"percentile":294},"2025-11-29",0.11428,{"date":296,"score":275,"percentile":297},"2025-11-30",0.11424,{"date":299,"score":275,"percentile":300},"2025-12-01",0.1146,{"date":302,"score":275,"percentile":303},"2025-12-02",0.1147,{"date":305,"score":275,"percentile":291},"2025-12-03",{"date":307,"score":275,"percentile":308},"2025-12-04",0.11462,{"date":310,"score":275,"percentile":311},"2025-12-05",0.11492,{"date":313,"score":275,"percentile":314},"2025-12-06",0.11506,{"date":316,"score":275,"percentile":317},"2025-12-07",0.11493,{"date":319,"score":275,"percentile":320},"2025-12-08",0.11498,{"date":322,"score":275,"percentile":323},"2025-12-09",0.11544,{"date":325,"score":275,"percentile":326},"2025-12-10",0.11607,{"date":328,"score":275,"percentile":329},"2025-12-11",0.11643,{"date":331,"score":275,"percentile":332},"2025-12-12",0.11676,{"date":334,"score":275,"percentile":335},"2025-12-13",0.1169,{"date":337,"score":275,"percentile":338},"2025-12-14",0.11694,{"date":340,"score":275,"percentile":329},"2025-12-15",{"date":342,"score":275,"percentile":343},"2025-12-16",0.11633,{"date":345,"score":275,"percentile":346},"2025-12-17",0.11722,{"date":348,"score":349,"percentile":350},"2025-12-18",0.00041,0.12424,{"date":352,"score":349,"percentile":353},"2025-12-19",0.12434,{"date":355,"score":349,"percentile":356},"2025-12-20",0.1243,{"date":358,"score":275,"percentile":359},"2025-12-21",0.11766,{"date":361,"score":275,"percentile":362},"2025-12-22",0.11734,{"date":364,"score":275,"percentile":365},"2025-12-23",0.11735,{"date":367,"score":349,"percentile":368},"2025-12-24",0.12555,{"date":370,"score":349,"percentile":371},"2025-12-25",0.12624,{"date":373,"score":349,"percentile":374},"2025-12-26",0.1261,{"date":376,"score":349,"percentile":377},"2025-12-27",0.12613,{"date":379,"score":349,"percentile":380},"2025-12-28",0.12599,{"date":382,"score":349,"percentile":383},"2025-12-29",0.12491,{"date":385,"score":349,"percentile":386},"2025-12-30",0.12469,{"date":388,"score":349,"percentile":389},"2025-12-31",0.12515,{"date":391,"score":349,"percentile":392},"2026-01-01",0.12546,{"date":394,"score":349,"percentile":395},"2026-01-02",0.12521,{"date":397,"score":349,"percentile":398},"2026-01-03",0.12488,{"date":400,"score":349,"percentile":401},"2026-01-04",0.12418,{"date":403,"score":349,"percentile":404},"2026-01-05",0.12361,{"date":406,"score":349,"percentile":407},"2026-01-06",0.12376,{"date":409,"score":349,"percentile":410},"2026-01-07",0.12408,{"date":412,"score":349,"percentile":413},"2026-01-08",0.12454,{"date":415,"score":349,"percentile":416},"2026-01-09",0.12475,{"date":418,"score":349,"percentile":419},"2026-01-10",0.125,{"date":421,"score":349,"percentile":422},"2026-01-11",0.12471,{"date":424,"score":349,"percentile":425},"2026-01-12",0.12445,{"date":427,"score":349,"percentile":350},"2026-01-13",{"date":429,"score":349,"percentile":430},"2026-01-14",0.12487,{"date":432,"score":349,"percentile":433},"2026-01-15",0.12492,{"date":435,"score":349,"percentile":436},"2026-01-16",0.12539,{"date":438,"score":349,"percentile":439},"2026-01-17",0.12552,{"date":441,"score":349,"percentile":442},"2026-01-18",0.12498,{"date":444,"score":349,"percentile":445},"2026-01-19",0.12448,{"date":447,"score":349,"percentile":356},"2026-01-20",{"date":449,"score":349,"percentile":450},"2026-01-21",0.12406,{"date":452,"score":349,"percentile":453},"2026-01-22",0.12389,{"date":455,"score":349,"percentile":416},"2026-01-23",{"date":457,"score":349,"percentile":458},"2026-01-24",0.12527,{"date":460,"score":349,"percentile":461},"2026-01-25",0.12479,{"date":463,"score":349,"percentile":464},"2026-01-26",0.12421,{"date":466,"score":349,"percentile":410},"2026-01-27",{"date":468,"score":349,"percentile":469},"2026-01-28",0.12398,{"date":471,"score":349,"percentile":472},"2026-01-29",0.12379,{"date":474,"score":349,"percentile":475},"2026-01-30",0.12397,{"date":477,"score":349,"percentile":478},"2026-01-31",0.1241,{"date":480,"score":349,"percentile":481},"2026-02-01",0.12409,[483,488],{"source":162,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":484,"cvss_v4_0":9},{"baseScore":160,"baseSeverity":485,"vectorString":163,"impactScore":486,"exploitabilityScore":487},"HIGH",9.8,4.6,{"source":168,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":489,"cvss_v4_0":9},{"baseScore":160,"baseSeverity":485,"vectorString":163,"impactScore":486,"exploitabilityScore":487},[491,523],{"ecosystem":9,"name":492,"vendor":493,"product":493,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":495},"Linux","linux","a",[496,503,506,509,512,515,518,521],{"version":497,"is_range":498,"range_type":162,"version_start":499,"version_start_type":500,"version_end":501,"version_end_type":502,"fixed_in":9},">= b128a30409356df65f1a51cff3eb986cac8cfedc, \u003C f78170bee51469734b1a306a74fc5f777bb22ba6",true,"b128a30409356df65f1a51cff3eb986cac8cfedc","including","f78170bee51469734b1a306a74fc5f777bb22ba6","excluding",{"version":504,"is_range":498,"range_type":162,"version_start":499,"version_start_type":500,"version_end":505,"version_end_type":502,"fixed_in":9},">= b128a30409356df65f1a51cff3eb986cac8cfedc, \u003C f3e0b9f790f8e8065d59e67b565a83154d9f3079","f3e0b9f790f8e8065d59e67b565a83154d9f3079",{"version":507,"is_range":498,"range_type":162,"version_start":499,"version_start_type":500,"version_end":508,"version_end_type":502,"fixed_in":9},">= b128a30409356df65f1a51cff3eb986cac8cfedc, \u003C 0ae2f332cfd2d74cf3ce344ec9938cf3e29c3ccd","0ae2f332cfd2d74cf3ce344ec9938cf3e29c3ccd",{"version":510,"is_range":498,"range_type":162,"version_start":499,"version_start_type":500,"version_end":511,"version_end_type":502,"fixed_in":9},">= b128a30409356df65f1a51cff3eb986cac8cfedc, \u003C bbccae982e9fa1d7abcb23a5ec81cb0ec883f7de","bbccae982e9fa1d7abcb23a5ec81cb0ec883f7de",{"version":513,"is_range":498,"range_type":162,"version_start":499,"version_start_type":500,"version_end":514,"version_end_type":502,"fixed_in":9},">= b128a30409356df65f1a51cff3eb986cac8cfedc, \u003C 573ac9c70bf7885dc85d82fa44550581bfc3b738","573ac9c70bf7885dc85d82fa44550581bfc3b738",{"version":516,"is_range":498,"range_type":162,"version_start":499,"version_start_type":500,"version_end":517,"version_end_type":502,"fixed_in":9},">= b128a30409356df65f1a51cff3eb986cac8cfedc, \u003C 80231f069240d52e98b6a317456c67b2eafd0781","80231f069240d52e98b6a317456c67b2eafd0781",{"version":519,"is_range":498,"range_type":162,"version_start":499,"version_start_type":500,"version_end":520,"version_end_type":502,"fixed_in":9},">= b128a30409356df65f1a51cff3eb986cac8cfedc, \u003C e01780ea4661172734118d2a5f41bc9720765668","e01780ea4661172734118d2a5f41bc9720765668",{"version":522,"is_range":156,"range_type":162,"version_start":522,"version_start_type":500,"version_end":522,"version_end_type":500,"fixed_in":9},"5.4",{"ecosystem":9,"name":524,"vendor":493,"product":525,"cpe_part":526,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":527},"linux kernel","linux_kernel","o",[528,532,536,540,544,548],{"version":529,"is_range":498,"range_type":530,"version_start":522,"version_start_type":500,"version_end":531,"version_end_type":502,"fixed_in":9},"gte5.4_lt5.10.235","cpe","5.10.235",{"version":533,"is_range":498,"range_type":530,"version_start":534,"version_start_type":500,"version_end":535,"version_end_type":502,"fixed_in":9},"gte5.11_lt5.15.179","5.11","5.15.179",{"version":537,"is_range":498,"range_type":530,"version_start":538,"version_start_type":500,"version_end":539,"version_end_type":502,"fixed_in":9},"gte5.16_lt6.1.129","5.16","6.1.129",{"version":541,"is_range":498,"range_type":530,"version_start":542,"version_start_type":500,"version_end":543,"version_end_type":502,"fixed_in":9},"gte6.2_lt6.6.76","6.2","6.6.76",{"version":545,"is_range":498,"range_type":530,"version_start":546,"version_start_type":500,"version_end":547,"version_end_type":502,"fixed_in":9},"gte6.7_lt6.12.13","6.7","6.12.13",{"version":549,"is_range":498,"range_type":530,"version_start":550,"version_start_type":500,"version_end":551,"version_end_type":502,"fixed_in":9},"gte6.13_lt6.13.2","6.13","6.13.2"]