CVE-2025-37802

MEDIUM

Linux Kernel - Denial of Service via Improper Locking in ksmbd_durable_scavenger_alive

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING" wait_event_timeout() will set the state of the current task to TASK_UNINTERRUPTIBLE, before doing the condition check. This means that ksmbd_durable_scavenger_alive() will try to acquire the mutex while already in a sleeping state. The scheduler warns us by giving the following warning: do not call blocking ops when !TASK_RUNNING; state=2 set at [<0000000061515a6f>] prepare_to_wait_event+0x9f/0x6c0 WARNING: CPU: 2 PID: 4147 at kernel/sched/core.c:10099 __might_sleep+0x12f/0x160 mutex lock is not needed in ksmbd_durable_scavenger_alive().

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/8f805b3746d2f41702c77cba22f94f8415fadd1a

Patch

https://git.kernel.org/stable/c/cd161198e091e8a62b9bd631be970ea9a87d2d6a

Patch

https://git.kernel.org/stable/c/1df0d4c616138784e033ad337961b6e1a6bcd999

Scores

CVSS v3 5.5

EPSS 0.0012

EPSS Percentile 2.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-667

Status published

Products (12)

linux/Kernel 5.15.0 - 6.12.26linux

linux/Kernel 6.13.0 - 6.14.5linux

Linux/Linux < 5.15

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 1df0d4c616138784e033ad337961b6e1a6bcd999

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 8f805b3746d2f41702c77cba22f94f8415fadd1a

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - cd161198e091e8a62b9bd631be970ea9a87d2d6a

Linux/Linux 5.15

Linux/Linux 6.12.26 - 6.12.*

Linux/Linux 6.14.5 - 6.14.*

Linux/Linux 6.15

... and 2 more

Published May 08, 2025

Tracked Since Feb 18, 2026