CVE-2025-68780Time-of-check Time-of-use (TOCTOU) Race Condition in Linux

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition30 documents7 sources
Severity
7.8HIGHOSV
No vector
EPSS
0.1%
top 83.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
LinuxLinux KernelDebian Linux+11 more
Timeline
PublishedJan 13
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: only set free_cpus for online runqueues Commit 16b269436b72 ("sched/deadline: Modify cpudl::free_cpus to reflect rd->online") introduced the cpudl_set/clear_freecpu functions to allow the cpu_dl::free_cpus mask to be manipulated by the deadline scheduler class rq_on/offline callbacks so the mask would also reflect this state. Commit 9659e1eeee28 ("sched/deadline: Remove cpu_active_mask from cpudl_find()") remo

Affected Packages16 packages

Linuxlinux/linux_kernel4.0.05.15.198+4
Debianlinux/linux_kernel< 6.1.162-1+2
Ubuntulinux/linux_kernel< 5.15.0-173.183
CVEListV5linux/linux9659e1eeee28f7025b6545934d644d19e9c6e6039019e399684e3cc68c4a3f050e268f74d69c1317+6
debiandebian/linux< linux 6.1.162-1 (bookworm)

🔴Vulnerability Details

10
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-intel-iot-realtime vulnerabilities2026-03-23
OSV
linux-nvidia-tegra-igx vulnerabilities2026-03-23
OSV
linux-realtime vulnerabilities2026-03-17
OSV
linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities2026-03-17

📋Vendor Advisories

18
Ubuntu
Linux kernel (GCP) vulnerabilities2026-04-17
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17

🕵️Threat Intelligence

1
Wiz
CVE-2025-68780 Impact, Exploitability, and Mitigation Steps | Wiz