CVE-2025-68333

MEDIUM

Linux Kernel - Deadlock in sched_ext deferred_irq_workfn

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix possible deadlock in the deferred_irq_workfn() For PREEMPT_RT=y kernels, the deferred_irq_workfn() is executed in the per-cpu irq_work/* task context and not disable-irq, if the rq returned by container_of() is current CPU's rq, the following scenarios may occur: lock(&rq->__lock); <Interrupt> lock(&rq->__lock); This commit use IRQ_WORK_INIT_HARD() to replace init_irq_work() to initialize rq->scx.deferred_irq_work, make the deferred_irq_workfn() is always invoked in hard-irq context.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/541959b2fadb832a7d0ceb95041dc52bdcf6bff7

Patch

https://git.kernel.org/stable/c/600b4379b9a7ba41340d652211fb29699da4c629

Patch

https://git.kernel.org/stable/c/a257e974210320ede524f340ffe16bf4bf0dda1e

Scores

CVSS v3 5.5

EPSS 0.0009

EPSS Percentile 0.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-667

Status published

Products (12)

linux/Kernel 6.12.0 - 6.12.68linux

linux/Kernel 6.13.0 - 6.17.12linux

Linux/Linux < 6.12

Linux/Linux 5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9 - 541959b2fadb832a7d0ceb95041dc52bdcf6bff7

Linux/Linux 5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9 - 600b4379b9a7ba41340d652211fb29699da4c629

Linux/Linux 5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9 - a257e974210320ede524f340ffe16bf4bf0dda1e

Linux/Linux 6.12

Linux/Linux 6.12.68 - 6.12.*

Linux/Linux 6.17.12 - 6.17.*

Linux/Linux 6.18

... and 2 more

Published Dec 22, 2025

Tracked Since Feb 18, 2026