CVE-2025-21965

Summary

In the Linux kernel, the following vulnerability has been resolved:

sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl()

If a BPF scheduler provides an invalid CPU (outside the nr_cpu_ids range) as prev_cpu to scx_bpf_select_cpu_dfl() it can cause a kernel crash.

To prevent this, validate prev_cpu in scx_bpf_select_cpu_dfl() and trigger an scx error if an invalid CPU is specified.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf0e1a0643a59bf1f922fa209cec86a170b784f3f < 752b56bb76e2471197d25d6948d85753043b10daaffected
LinuxLinuxf0e1a0643a59bf1f922fa209cec86a170b784f3f < 515680e76c536dd4aa8e2b5d674b0d441baddf5baffected
LinuxLinuxf0e1a0643a59bf1f922fa209cec86a170b784f3f < 9360dfe4cbd62ff1eb8217b815964931523b75b3affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.20 <= 6.12.*unaffected
LinuxLinux6.13.8 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

References