-

CVE-2025-68336

EPSS 0.04%
Veröffentlicht 22.12.2025 16:14:13
Zuletzt bearbeitet 19.01.2026 13:16:10
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

locking/spinlock/debug: Fix data-race in do_raw_write_lock

KCSAN reports:

BUG: KCSAN: data-race in do_raw_write_lock / do_raw_write_lock

write (marked) to 0xffff800009cf504c of 4 bytes by task 1102 on cpu 1:
 do_raw_write_lock+0x120/0x204
 _raw_write_lock_irq
 do_exit
 call_usermodehelper_exec_async
 ret_from_fork

read to 0xffff800009cf504c of 4 bytes by task 1103 on cpu 0:
 do_raw_write_lock+0x88/0x204
 _raw_write_lock_irq
 do_exit
 call_usermodehelper_exec_async
 ret_from_fork

value changed: 0xffffffff -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 1103 Comm: kworker/u4:1 6.1.111

Commit 1a365e822372 ("locking/spinlock/debug: Fix various data races") has
adressed most of these races, but seems to be not consistent/not complete.

>From do_raw_write_lock() only debug_write_lock_after() part has been
converted to WRITE_ONCE(), but not debug_write_lock_before() part.
Do it now.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 8e5b2cf10844402054b52b489b525dc30cc16908

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version < c228cb699a07a5f2d596d186bc5c314c99bb8bbf

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version < 93bd23524d63deb80fb85beb2e43fafeb1043d0f

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version < 39d2ef113416f1a4205b03fb0aa2e428d1412c77

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version < b163a5e8c703201c905d6ec7920ed79d167e8442

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version < 16b3590c0e1e615757dade098c8fbc0d4f040c76

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version < 396a9270a7b90886be501611b13aa636f2e8c703

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version < c14ecb555c3ee80eeb030a4e46d00e679537f03a

Version 1a365e822372ba24c9da0822bc583894f6f3d821

Status affected

Version 3106fb78d3579c8e9c9b3040f7f7841981919624

Status affected

Version c0911024ff927ba5c4786b507004cb615be1d776

Status affected

Version 09226e5c38639437565af01e6009a9286a351d04

Status affected

Version c7673f01604fa722b9d7c1e29e17cec1b8ae09c5

Status affected

Version c120c3dbeb76305235c8e557f84d9e2d7d0f5933

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.5

Status affected

Version < 5.5

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.62

Status unaffected

Version <= 6.17.*

Version 6.17.12

Status unaffected

Version <= 6.18.*

Version 6.18.1

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/b163a5e8c703201c905d6ec7920ed79d167e8442

https://git.kernel.org/stable/c/16b3590c0e1e615757dade098c8fbc0d4f040c76

https://git.kernel.org/stable/c/396a9270a7b90886be501611b13aa636f2e8c703

https://git.kernel.org/stable/c/c14ecb555c3ee80eeb030a4e46d00e679537f03a

https://git.kernel.org/stable/c/39d2ef113416f1a4205b03fb0aa2e428d1412c77

https://git.kernel.org/stable/c/93bd23524d63deb80fb85beb2e43fafeb1043d0f

https://git.kernel.org/stable/c/8e5b2cf10844402054b52b489b525dc30cc16908

https://git.kernel.org/stable/c/c228cb699a07a5f2d596d186bc5c314c99bb8bbf

https://nvd.nist.gov/vuln/detail/CVE-2025-68336

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68336

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68336

EUVD