Detections
Analytics

CVE-2025-68333

high

Description

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix possible deadlock in the deferred_irq_workfn() For PREEMPT_RT=y kernels, the deferred_irq_workfn() is executed in the per-cpu irq_work/* task context and not disable-irq, if the rq returned by container_of() is current CPU's rq, the following scenarios may occur: lock(&rq->__lock); <Interrupt> lock(&rq->__lock); This commit use IRQ_WORK_INIT_HARD() to replace init_irq_work() to initialize rq->scx.deferred_irq_work, make the deferred_irq_workfn() is always invoked in hard-irq context.

References

https://git.kernel.org/stable/c/a257e974210320ede524f340ffe16bf4bf0dda1e

https://git.kernel.org/stable/c/600b4379b9a7ba41340d652211fb29699da4c629

https://git.kernel.org/stable/c/541959b2fadb832a7d0ceb95041dc52bdcf6bff7

Details

Source: Mitre, NVD

Published: 2025-12-22

Updated: 2026-01-30

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018