CVE-2025-21850: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, CVE-2025-21850 addresses a vulnerability in the nvmet subsystem that can cause a system crash when a namespace is disabled. The issue was discovered in March 2025 and affects Linux kernel versions from 6.13 through 6.13.5 and release candidates 6.14-rc1 through 6.14-rc3. The vulnerability occurs due to improper handling of pending I/O operations during namespace disablement (NVD).

The vulnerability stems from a race condition in the nvmet subsystem where the namespace percpu counter, which protects pending I/O operations, is not properly handled during namespace disablement. This can lead to a crash when the queue is torn down while calling submit_bio(). The issue manifests as a general protection fault with a null pointer dereference, particularly visible when running blktests/nvme/058 for loop transport. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (NVD).

When exploited, this vulnerability results in a system crash (denial of service) when a namespace is disabled while I/O operations are still pending. The crash occurs due to a null pointer dereference in the kernel's nvmet subsystem, affecting system stability and availability (Kernel Patch).

The vulnerability has been fixed in the Linux kernel through patches that properly initialize the percpu counter in nvmetnsenable() and ensure it drops to zero in nvmetnsdisable() before completing the namespace disablement. Users should update to patched versions of the kernel. The fix is documented in commit 4082326807072b71496501b6a0c55ffe8d5092a5 (Kernel Patch).