AZL-59604 CVE-2025-21999 affecting package kernel for versions less than 5.15.180.1-1

🗓️ 03 Apr 2025 08:15:15Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

CVE-2025-21999: Linux kernel fix for UAF in proc_get_inode and race with rmmod and /proc inode.

Reporter	Title	Published	Views	Family All 636
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway affected by multiple vulnerabilities in OS kernel	15 Dec 202520:38	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance	22 Apr 202613:49	–	ibm
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel6.12, kernel6.12-modules-extra (ALAS2023-2025-935)	14 Apr 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-959)	13 May 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-090)	29 Apr 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-070)	29 Apr 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : kernel (ALSA-2025:9080)	3 Jul 202500:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: kernel (CVE-2025-21999)	22 Jan 202600:00	–	nessus
Tenable Nessus	Debian dla-4178 : ata-modules-5.10.0-34-armmp-di - security update	26 May 202500:00	–	nessus
Tenable Nessus	Debian dla-4193 : linux-config-6.1 - security update	29 May 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-21999

21 Apr 2026 04:37Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.17.8

EPSS0.00026

SSVC

linux kernel process file system get inode bug use after free race condition