5.5

CVE-2025-68333

sched_ext: Fix possible deadlock in the deferred_irq_workfn()

In the Linux kernel, the following vulnerability has been resolved:

sched_ext: Fix possible deadlock in the deferred_irq_workfn()

For PREEMPT_RT=y kernels, the deferred_irq_workfn() is executed in
the per-cpu irq_work/* task context and not disable-irq, if the rq
returned by container_of() is current CPU's rq, the following scenarios
may occur:

lock(&rq->__lock);
<Interrupt>
  lock(&rq->__lock);

This commit use IRQ_WORK_INIT_HARD() to replace init_irq_work() to
initialize rq->scx.deferred_irq_work, make the deferred_irq_workfn()
is always invoked in hard-irq context.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.12 < 6.12.68
LinuxLinux Kernel Version >= 6.13 < 6.17.12
LinuxLinux Kernel Version6.18 Updaterc1
LinuxLinux Kernel Version6.18 Updaterc2
LinuxLinux Kernel Version6.18 Updaterc3
LinuxLinux Kernel Version6.18 Updaterc4
LinuxLinux Kernel Version6.18 Updaterc5
LinuxLinux Kernel Version6.18 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.09% 0.007
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/600b4379b9a7ba41340d652211fb29699da4c629
Patch
https://git.kernel.org/stable/c/a257e974210320ede524f340ffe16bf4bf0dda1e
Patch
https://git.kernel.org/stable/c/541959b2fadb832a7d0ceb95041dc52bdcf6bff7
Patch