CVE-2025-39782
published 2025-09-11CVE-2025-39782: In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2_log_do_checkpoint() Both jbd2_log_do_checkpoint() and…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
jbd2: prevent softlockup in jbd2_log_do_checkpoint()
Both jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list()
periodically release j_list_lock after processing a batch of buffers to
avoid long hold times on the j_list_lock. However, since both functions
contend for j_list_lock, the combined time spent waiting and processing
can be significant.
jbd2_journal_shrink_checkpoint_list() explicitly calls cond_resched() when
need_resched() is true to avoid softlockups during prolonged operations.
But jbd2_log_do_checkpoint() only exits its loop when need_resched() is
true, relying on potentially sleeping functions like __flush_batch() or
wait_on_buffer() to trigger rescheduling. If those functions do not sleep,
the kernel may hit a softlockup.
watchdog: BUG: soft lockup - CPU#3 stuck for 156s! [kworker/u129:2:373]
CPU: 3 PID: 373 Comm: kworker/u129:2 Kdump: loaded Not tainted 6.6.0+ #10
Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.27 06/13/2017
Workqueue: writeback wb_workfn (flush-7:2)
pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : native_queued_spin_lock_slowpath+0x358/0x418
lr : jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]
Call trace:
native_queued_spin_lock_slowpath+0x358/0x418
jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]
__jbd2_log_wait_for_space+0xfc/0x2f8 [jbd2]
add_transaction_credits+0x3bc/0x418 [jbd2]
start_this_handle+0xf8/0x560 [jbd2]
jbd2__journal_start+0x118/0x228 [jbd2]
__ext4_journal_start_sb+0x110/0x188 [ext4]
ext4_do_writepages+0x3dc/0x740 [ext4]
ext4_writepages+0xa4/0x190 [ext4]
do_writepages+0x94/0x228
__writeback_single_inode+0x48/0x318
writeback_sb_inodes+0x204/0x590
__writeback_inodes_wb+0x54/0xf8
wb_writeback+0x2cc/0x3d8
wb_do_writeback+0x2e0/0x2f8
wb_workfn+0x80/0x2a8
process_one_work+0x178/0x3e8
worker_thread+0x234/0x3b8
kthread+0xf0/0x108
ret_from_fork+0x10/0x20
So explicitly call cond_resched() in jbd2_log_do_checkpoint() to avoid
softl
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.153-1 (bookworm) | linux 6.1.153-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.153-1 (bookworm) | linux 6.1.153-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < f683d611518d30334813eecf9a8c687453e2800e | f683d611518d30334813eecf9a8c687453e2800e |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < f7ee8fd689e6d534f9fd2494b9266f7998082e65 | f7ee8fd689e6d534f9fd2494b9266f7998082e65 |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < 84ff98c1ea19acd3f9389e4bb6061364e943f85e | 84ff98c1ea19acd3f9389e4bb6061364e943f85e |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < 26cb9aad94cb1811d8fae115594cc71fa3d91ab0 | 26cb9aad94cb1811d8fae115594cc71fa3d91ab0 |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < 41f40038de62e8306897cf6840791b268996432a | 41f40038de62e8306897cf6840791b268996432a |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < 429d50cbaff45090d52a1ea850d5de8c14881ee7 | 429d50cbaff45090d52a1ea850d5de8c14881ee7 |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < 3faac5e1d14c63260fd1bf789d96bde3ab3d9e54 | 3faac5e1d14c63260fd1bf789d96bde3ab3d9e54 |
| linux | linux | >= f93ea411b73594f7d144855fd34278bcf34a9afc < 9d98cf4632258720f18265a058e62fde120c0151 | 9d98cf4632258720f18265a058e62fde120c0151 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.153-1 | 6.1.153-1 |
| linux | linux_kernel | >= 0 < 6.12.48-1 | 6.12.48-1 |
| linux | linux_kernel | >= 0 < 6.16.5-1 | 6.16.5-1 |
| linux | linux_kernel | >= 0 < 5.15.0-163.173 | 5.15.0-163.173 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 2.6.16 < 5.4.297 | 5.4.297 |
| linux | linux_kernel | >= 5.11 < 5.15.190 | 5.15.190 |
| linux | linux_kernel | >= 5.16 < 6.1.149 | 6.1.149 |
| linux | linux_kernel | >= 5.5 < 5.10.241 | 5.10.241 |
| linux | linux_kernel | >= 6.13 < 6.16.4 | 6.16.4 |
| linux | linux_kernel | >= 6.2 < 6.6.103 | 6.6.103 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM