Linux Kernel Security Update Advisory (CVE-2025-21756)

May 02 2025

Overview

We have released a security update to address a vulnerability in the Linux kernel. Affected product users are advised to update to the latest version.

Affected Products

CVE-2025-21756

Linux Kernel Versions: 6.6.79 and earlier
Linux Kernel Versions: 6.12.16 and earlier
Linux Kernel Version: 6.13.4 and earlier
Linux Kernel Version: 6.14-rc1 and earlier

Resolved Vulnerabilities

Vulnerability in the Linux Kernel that allows Container-Optimized OS nodes to escalate privileges (CVE-2025-21756)

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-21756

Linux Kernel Version: 6.6.79
Linux Kernel Version: 6.12.16
Linux Kernel Version: 6.13.4
Linux Kernel Version: 6.14-rc1

References

[1] CVE-2025-21756: vsock: Keep the binding until socket destruction
https://lore.kernel.org/linux-cve-annoucce/2025022603-CVE-2025-21756-5e09@gregkh/T/
[2] CVE-2025-21756
vsock: Keep the binding until socket destruction https://security-tracker.debian.org/tracker/CVE-2025-21756
[3] cve-2025-21756
https://ubuntu.com/security/CVE-2025-21756
[4] cve-2025-21756
https://access.redhat.com/security/cve/cve-2025-21756
[5] cve-2025-21756
https://alas.aws.amazon.com/cve/html/CVE-2025-21756.html
[6] GCP-2025-017
https://cloud.google.com/support/bulletins?hl=ko#gcp-2025-017

Linux Kernel Security Update Advisory (CVE-2025-21756)

SAP Product Security Update Advisory (CVE-2025-31324)

MS Family April 2025 Secondary Security Update Advisory

Tags:

SAP Product Security Update Advisory (CVE-2025-31324)

MS Family April 2025 Secondary Security Update Advisory