CVE-2025-21897Improper Locking in Linux

CWE-667Improper Locking5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 88.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedApr 1

Description

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without balance() a6250aa251ea ("sched_ext: Handle cases where pick_task_scx() is called without preceding balance_scx()") added a workaround to handle the cases where pick_task_scx() is called without prececing balance_scx() which is due to a fair class bug where pick_taks_fair() may return NULL after a true return from balance_fair(). The workaround de

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel6.12.16.12.18+3
Debianlinux/linux_kernel< 6.12.19-1+1
CVEListV5linux/linuxa6250aa251eacaf3ebfcfe152a96a727fd483ecd5324c459f90d16b0c43a78b494c598915d782b7a+3
debiandebian/linux< linux 6.12.19-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-32g6-m5fv-fhv6: In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without2025-04-01
OSV
CVE-2025-21897: In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without b2025-04-01

📋Vendor Advisories

2
Red Hat
kernel: sched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without balance()2025-04-01
Debian
CVE-2025-21897: linux - In the Linux kernel, the following vulnerability has been resolved: sched_ext: ...2025
CVE-2025-21897 — Improper Locking in Linux | cvebase