Bottlerocket: bottlerocket-kernel-6.12, kernel-6.12: security update to 6.12.29

medium Tenable Cloud Security Plugin ID 428238

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- In the Linux kernel, the following vulnerability has been resolved: kernel: be more careful about
dup_mmap() failures and uprobe registering If a memory allocation fails during dup_mmap(), the maple tree
can be left in an unsafe state for other iterators besides the exit path. All the locks are dropped before
the exit_mmap() call (in mm/mmap.c), but the incomplete mm_struct can be reached through (at least) the
rmap finding the vmas which have a pointer back to the mm_struct. Up to this point, there have been no
issues with being able to find an mm_struct that was only partially initialised. Syzbot was able to make
the incomplete mm_struct fail with recent forking changes, so it has been proven unsafe to use the
mm_struct that hasn't been initialised, as referenced in the link below. Although 8ac662f5da19f ("fork:
avoid inappropriate uprobe access to invalid mm") fixed the uprobe access, it does not completely remove
the race. This patch sets the MMF_OOM_SKIP to avoid the iteration of the vmas on the oom side (even though
this is extremely unlikely to be selected as an oom victim in the race window), and sets MMF_UNSTABLE to
avoid other potential users from using a partially initialised mm_struct. When registering vmas for
uprobe, skip the vmas in an mm that is marked unstable. Modifying a vma in an unstable mm may cause issues
if the mm isn't fully initialised. (CVE-2025-21709)

Plugin Details

Severity: Medium

ID: 428238

Version: Revision 1.6

Type: Local

Published: 6/30/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.15

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2025-21709

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2/27/2025

Reference Information

CVE: CVE-2025-21709