CVE-2025-68218

medium

Description

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix lockdep WARN due to partition scan work Blktests test cases nvme/014, 057 and 058 fail occasionally due to a lockdep WARN. As reported in the Closes tag URL, the WARN indicates that a deadlock can happen due to the dependency among disk->open_mutex, kblockd workqueue completion and partition_scan_work completion. To avoid the lockdep WARN and the potential deadlock, cut the dependency by running the partition_scan_work not by kblockd workqueue but by nvme_wq.

References

https://git.kernel.org/stable/c/ef4ab2a8abe554379e10303ae86f7c501336ba0d

https://git.kernel.org/stable/c/e2a897ad5f538d314955c747a0a2edb184fcdecd

https://git.kernel.org/stable/c/b03eb63288a8ffe3adfb34e68309c8e2edb06d0b

https://git.kernel.org/stable/c/89456dab7ba5ab63d60945440926673a3205e829

https://git.kernel.org/stable/c/6d87cd5335784351280f82c47cc8a657271929c3

Details

Source: Mitre, NVD

Published: 2025-12-16

Updated: 2025-12-18

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018