CVE-2025-21860: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's zswap functionality (CVE-2025-21860) was discovered and resolved in March 2025. The issue was related to an inconsistency in the zswap_store_page() function when it fails to process the entire folio. The vulnerability was introduced by commit b7c0ccdfbafd which skipped charging zswap entries on failure, leading to accounting inconsistencies in memory management (NVD, Kernel Patch).

The vulnerability occurs when some base pages are zswapped but the operation fails to zswap the entire folio, causing the zswap operation to be rolled back. During this process, zswap_entry_free() uncharges entries that were not previously charged, resulting in inconsistent zswap charging. The issue manifests with two specific warnings in the system: one in mm/memcontrol.c related to page size alignment, and another in mm/page_counter.c concerning page counter underflow. The vulnerability has been assigned a CVSS v3.1 Base Score of 3.3 (LOW) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L (NVD).

The vulnerability affects systems using zswap memory compression in the Linux kernel. When triggered, it causes inconsistencies in memory management accounting, leading to system warnings and potential memory management issues. The impact is particularly noticeable on systems with large memory configurations, specifically demonstrated on machines with 64GiB of RAM and 36GiB of zswap (Kernel Patch).

The issue has been fixed by modifying the zswap_store_page() function to increment zswap_stored_pages and charge zswap entries within the function when it succeeds. This ensures proper accounting when the operation fails to zswap the entire folio. The fix has been implemented in the Linux kernel through a patch that modifies the mm/zswap.c file (Kernel Patch).