{"id":"CVE-2025-21889","summary":"perf/core: Add RCU read lock protection to perf_iterate_ctx()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t  lockdep_rcu_suspicious\n\t  ? perf_event_addr_filters_apply\n\t  perf_iterate_ctx\n\t  perf_event_exec\n\t  begin_new_exec\n\t  ? load_elf_phdrs\n\t  load_elf_binary\n\t  ? lock_acquire\n\t  ? find_held_lock\n\t  ? bprm_execve\n\t  bprm_execve\n\t  do_execveat_common.isra.0\n\t  __x64_sys_execve\n\t  do_syscall_64\n\t  entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]","modified":"2026-04-02T12:45:16.069363Z","published":"2025-03-27T14:57:15.897Z","related":["SUSE-SU-2025:01614-1","SUSE-SU-2025:01707-1","SUSE-SU-2025:01919-1","SUSE-SU-2025:01951-1","SUSE-SU-2025:01964-1","SUSE-SU-2025:01967-1","SUSE-SU-2025:20192-1","SUSE-SU-2025:20206-1","SUSE-SU-2025:20270-1","SUSE-SU-2025:20283-1","USN-7521-2"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21889.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0fe8813baf4b2e865d3b2c735ce1a15b86002c74"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a2475ccad6120546ea45dbcd6cd1f74dc565ef6b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dd536566dda9a551fc2a2acfab5313a5bb13ed02"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f390c2eea571945f357a2d3b9fcb1c015767132e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21889.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21889"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"bd27568117664b8b3e259721393df420ed51f57b"},{"fixed":"f390c2eea571945f357a2d3b9fcb1c015767132e"},{"fixed":"a2475ccad6120546ea45dbcd6cd1f74dc565ef6b"},{"fixed":"dd536566dda9a551fc2a2acfab5313a5bb13ed02"},{"fixed":"0fe8813baf4b2e865d3b2c735ce1a15b86002c74"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-21889.json"}}],"schema_version":"1.7.5"}