CVE-2025-21998

MEDIUM4.7

firmware: qcom: uefisecapp: fix efivars registration race

Published Apr 3, 2025

Modified 3 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

firmware: qcom: uefisecapp: fix efivars registration race

Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer dereference in case of a racing EFI variable access.

Make sure that all resources have been set up before registering the efivars.

References

WEBhttps://git.kernel.org/stable/c/c4e37b381a7a243c298a4858fc0a5a74e737c79a WEBhttps://git.kernel.org/stable/c/da8d493a80993972c427002684d0742560f3be4a WEBhttps://git.kernel.org/stable/c/f15a2b96a0e41c426c63a932d0e63cde7b9784aa ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2025-21998

CVSS Analysis

CVSS v3.1

4.7

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

HighAC:H

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

4.7/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedApr 3, 2025

ModifiedOct 1, 2025