CVE-2025-71117 — Improper Locking in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 96.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 14
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
block: Remove queue freezing from several sysfs store callbacks
Freezing the request queue from inside sysfs store callbacks may cause a
deadlock in combination with the dm-multipath driver and the
queue_if_no_path option. Additionally, freezing the request queue slows
down system boot on systems where sysfs attributes are set synchronously.
Fix this by removing the blk_mq_freeze_queue() / blk_mq_unfreeze_queue()
calls from t…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages8 packages
▶CVEListV5linux/linuxaf2814149883e2c1851866ea2afcd8eadc040f79 — 3997b3147c7b68b0308378fa95a766015f8ceb1c+2
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-c5ch-44q8-865h: In the Linux kernel, the following vulnerability has been resolved:
block: Remove queue freezing from several sysfs store callbacks
Freezing the req↗2026-01-14
OSV▶
CVE-2025-71117: In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the reque↗2026-01-14