Bug 2355333 (CVE-2025-21871) - CVE-2025-21871 kernel: tee: optee: Fix supplicant wait loop
Summary: CVE-2025-21871 kernel: tee: optee: Fix supplicant wait loop
Keywords:
Status: NEW
Alias: CVE-2025-21871
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-03-27 14:01 UTC by OSIDB Bzimport
Modified: 2025-04-08 12:44 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-03-27 14:01:39 UTC 
In the Linux kernel, the following vulnerability has been resolved:

tee: optee: Fix supplicant wait loop

OP-TEE supplicant is a user-space daemon and it's possible for it
be hung or crashed or killed in the middle of processing an OP-TEE
RPC call. It becomes more complicated when there is incorrect shutdown
ordering of the supplicant process vs the OP-TEE client application which
can eventually lead to system hang-up waiting for the closure of the
client application.

Allow the client process waiting in kernel for supplicant response to
be killed rather than indefinitely waiting in an unkillable state. Also,
a normal uninterruptible wait should not have resulted in the hung-task
watchdog getting triggered, but the endless loop would.

This fixes issues observed during system reboot/shutdown when supplicant
got hung for some reason or gets crashed/killed which lead to client
getting hung in an unkillable state. It in turn lead to system being in
hung up state requiring hard power off/on to recover.
Comment 1 Avinash Hanwate 2025-03-28 09:41:11 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025032735-CVE-2025-21871-bb8c@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.