CVE-2025-68333Improper Locking in Linux

CWE-667Improper Locking19 documents8 sources
Severity
5.5MEDIUMNVD
OSV7.2
EPSS
0.0%
top 96.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedDec 22
Latest updateApr 6

Description

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix possible deadlock in the deferred_irq_workfn() For PREEMPT_RT=y kernels, the deferred_irq_workfn() is executed in the per-cpu irq_work/* task context and not disable-irq, if the rq returned by container_of() is current CPU's rq, the following scenarios may occur: lock(&rq->__lock); lock(&rq->__lock); This commit use IRQ_WORK_INIT_HARD() to replace init_irq_work() to initialize rq->scx.deferred_irq_work, make

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel6.126.12.68+2
Debianlinux/linux_kernel< 6.12.69-1+1
Ubuntulinux/linux_kernel< 6.17.0-19.19
CVEListV5linux/linux5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9541959b2fadb832a7d0ceb95041dc52bdcf6bff7+3

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

8
OSV
linux-oem-6.17 vulnerabilities2026-04-06
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-azure, linux-azure-6.17 vulnerabilities2026-03-25
OSV
linux-realtime-6.17 vulnerabilities2026-03-23
OSV
linux-gcp-6.17, linux-realtime vulnerabilities2026-03-17

📋Vendor Advisories

9
Ubuntu
Linux kernel (OEM) vulnerabilities2026-04-06
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2026-04-01
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-25
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-03-23
Ubuntu
Linux kernel vulnerabilities2026-03-17

🕵️Threat Intelligence

1
Wiz
CVE-2025-68333 Impact, Exploitability, and Mitigation Steps | Wiz