CVE-2025-21938
📋 TL;DR
A race condition in the Linux kernel's MPTCP implementation can cause a 'scheduling while atomic' kernel panic when multiple connection requests attempt to create implicit MPTCP endpoints simultaneously. This affects Linux systems using MPTCP with specific network configurations, potentially causing denial of service.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and complete denial of service, requiring reboot.
Likely Case
System instability or crash when multiple MPTCP connections are established concurrently in specific network configurations.
If Mitigated
Minor performance impact or connection failures in race condition scenarios.
🎯 Exploit Status
Exploitation requires specific MPTCP configurations and concurrent connection attempts. The vulnerability is a race condition that may be difficult to reliably trigger.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel patches available (see references in CVE)
Vendor Advisory: https://git.kernel.org/stable/c/022bfe24aad8937705704ff2e414b100cf0f2e1a
Restart Required: Yes
Instructions:
1. Identify your Linux kernel version.
2. Apply the appropriate kernel patch from the stable branches.
3. Rebuild and install the patched kernel.
4. Reboot the system.
🔧 Temporary Workarounds
Disable MPTCP
Disable Multipath TCP functionality if not required
sysctl -w net.mptcp.enabled=0
Avoid problematic MPTCP configurations
Avoid using MPTCP endpoints with different external vs internal addresses
🧯 If You Can't Patch
- Disable MPTCP functionality entirely using sysctl
- Implement network segmentation to limit MPTCP connection attempts
🔍 How to Verify
Check if Vulnerable:
Check if MPTCP is enabled and kernel version is unpatched: sysctl net.mptcp.enabled && uname -r
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes one of the patch commits referenced in the CVE
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages containing 'scheduling while atomic'
- MPTCP-related error messages in kernel logs
- System crash/reboot events
Network Indicators:
- Multiple concurrent MPTCP connection attempts
- MPTCP SYN packets to systems with specific endpoint configurations
SIEM Query:
event_source="kernel" AND (message="scheduling while atomic" OR message="BUG: scheduling while atomic")
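A plain "scheduling while atomic" match also fires on unrelated bugs, so the added example below (not part of the original advisory) counts only reports whose call trace names an mptcp symbol and combines that with the net.mptcp.enabled value from the verification step. The function names, the 40-line trace window and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: triage kernel logs for MPTCP-related
# "scheduling while atomic" reports. Kernel log is read from stdin.

count_mptcp_atomic_bugs() {
    awk '
        # A BUG line opens a new report; reset per-report state.
        /BUG: scheduling while atomic/ { in_report = 1; hit = 0; lines = 0; next }
        in_report {
            lines++
            # Any trace frame naming an mptcp symbol ties the report to MPTCP.
            if (!hit && tolower($0) ~ /mptcp/) { hit = 1; total++ }
            # Assumed window: stop looking 40 lines after the BUG line.
            if (lines >= 40) in_report = 0
        }
        END { print total + 0 }
    '
}

# $1 = value of net.mptcp.enabled (0 or 1); kernel log on stdin.
triage() {
    n=$(count_mptcp_atomic_bugs)
    if [ "$n" -gt 0 ]; then
        echo "ALERT: $n MPTCP-related scheduling-while-atomic report(s)"
    elif [ "$1" = "1" ]; then
        echo "EXPOSED: MPTCP enabled, no matching reports; confirm the kernel carries the fix"
    else
        echo "OK: MPTCP disabled, no matching reports"
    fi
}

# Constructed sample log: one MPTCP-related report, one unrelated report.
sample_log() {
    cat <<'EOF'
[  101.000001] BUG: scheduling while atomic: swapper/1/0/0x00000100
[  101.000002] Call Trace:
[  101.000003]  <IRQ>
[  101.000004]  mptcp_placeholder_frame+0x0/0x0
[  101.000005]  </IRQ>
[  205.000001] BUG: scheduling while atomic: kworker/0:1/42/0x00000002
[  205.000002] Call Trace:
[  205.000003]  other_driver_placeholder+0x0/0x0
EOF
}

# Live use: dmesg | triage "$(sysctl -n net.mptcp.enabled)"
```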
🔗 References
- https://git.kernel.org/stable/c/022bfe24aad8937705704ff2e414b100cf0f2e1a
- https://git.kernel.org/stable/c/125ccafe6dd062901b5a0c31ee9038740fc8859e
- https://git.kernel.org/stable/c/4b228dae3d2cc6d9dce167449cd8fa9f028e9376
- https://git.kernel.org/stable/c/f1404f368c40fc6a068dad72e4ee0824ee6a78ee
- https://git.kernel.org/stable/c/f3fcdb2de9fdbed9d8c6a8eb2c5fbd7d6f54a4d8
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html