CVE-2025-68333

Summary

In the Linux kernel, the following vulnerability has been resolved:

sched_ext: Fix possible deadlock in the deferred_irq_workfn()

For PREEMPT_RT=y kernels, the deferred_irq_workfn() is executed in the per-cpu irq_work/* task context and not disable-irq, if the rq returned by container_of() is current CPU's rq, the following scenarios may occur:

lock(&rq->__lock); <Interrupt> lock(&rq->__lock);

This commit use IRQ_WORK_INIT_HARD() to replace init_irq_work() to initialize rq->scx.deferred_irq_work, make the deferred_irq_workfn() is always invoked in hard-irq context.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9 < 541959b2fadb832a7d0ceb95041dc52bdcf6bff7affected
LinuxLinux5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9 < 600b4379b9a7ba41340d652211fb29699da4c629affected
LinuxLinux5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9 < a257e974210320ede524f340ffe16bf4bf0dda1eaffected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.68 <= 6.12.*unaffected
LinuxLinux6.17.12 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References