CVE-2025-21823: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-21823 affects the batman-adv (Batman Advanced) component in the Linux kernel. The vulnerability is related to the ELP (Echo Location Protocol) metric worker functionality, which calculates metric values for neighbors reachable over an interface. The issue was discovered in January 2025 and was fixed in Linux kernel version 6.1.129-1 (Debian Tracker).

The vulnerability stems from a design flaw in the ELP metric worker implementation. The worker needs to calculate new metric values for neighbors while using locks that might need to sleep, which is incompatible with the RCU (Read-Copy-Update) list iterator used for recorded neighbors. The initial workaround of queuing another work item per neighbor led to potential invalid memory accesses when interfaces were removed or the batman-adv module was unloaded. Additionally, the cancelworksync operation could cause deadlocks due to lock ordering issues with rtnl_lock (Kernel Commit).

The vulnerability could result in potential invalid memory accesses and system deadlocks. This occurs specifically when interfaces are removed or the batman-adv module is unloaded while metric calculations are in progress. The issue affects systems running the batman-adv networking component in the Linux kernel (Debian Tracker).

The issue has been fixed by redesigning the ELP metric worker implementation. The solution involves creating a list of neighbors requiring metric information inside the RCU protected context and gathering metrics according to this list outside the RCU protected context. The fix also implements rcu_trylock usage in metric gathering code to avoid deadlocks. Users should upgrade to Linux kernel version 6.1.129-1 or later where the fix has been implemented (Debian Tracker).