{"id":"CVE-2025-40021","summary":"tracing: dynevent: Add a missing lockdown check on dynevent","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: dynevent: Add a missing lockdown check on dynevent\n\nSince dynamic_events interface on tracefs is compatible with\nkprobe_events and uprobe_events, it should also check the lockdown\nstatus and reject if it is set.","modified":"2026-05-18T05:59:31.469591894Z","published":"2025-10-24T12:24:57.107Z","related":["SUSE-SU-2025:4393-1","SUSE-SU-2025:4422-1","SUSE-SU-2025:4505-1","SUSE-SU-2025:4516-1","SUSE-SU-2025:4517-1","SUSE-SU-2025:4521-1","SUSE-SU-2026:20012-1","SUSE-SU-2026:20015-1","SUSE-SU-2026:20021-1","SUSE-SU-2026:20039-1","SUSE-SU-2026:20059-1","SUSE-SU-2026:20473-1","SUSE-SU-2026:20496-1","openSUSE-SU-2025:20172-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40021.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/07b1f63b5f86765793fab44d3d4c2be681cddafb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/0d41604d2d53c1abe27fefb54b37a8f6642a4d74"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3887f3814c0e770e6b73567fe0f83a2c01a6470c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/456c32e3c4316654f95f9d49c12cbecfb77d5660"},{"type":"WEB","url":"https://git.kernel.org/stable/c/573b1e39edfcb7b4eecde0f1664455a1f4462eee"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b47c4e06687a5a7b6c6ef4bd303fcfe4430b26bb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f3ac1f4eaba58e57943efa3e8b8d71fa7aab0abf"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40021.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40021"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"17911ff38aa58d3c95c07589dbf5d3564c4cf3c5"},{"fixed":"f3ac1f4eaba58e57943efa3e8b8d71fa7aab0abf"},{"fixed":"0d41604d2d53c1abe27fefb54b37a8f6642a4d74"},{"fixed":"07b1f63b5f86765793fab44d3d4c2be681cddafb"},{"fixed":"3887f3814c0e770e6b73567fe0f83a2c01a6470c"},{"fixed":"573b1e39edfcb7b4eecde0f1664455a1f4462eee"},{"fixed":"b47c4e06687a5a7b6c6ef4bd303fcfe4430b26bb"},{"fixed":"456c32e3c4316654f95f9d49c12cbecfb77d5660"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40021.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.4.0"},{"fixed":"5.10.245"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.194"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.155"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.109"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.50"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.16.10"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40021.json"}}],"schema_version":"1.7.5"}