CVE-2025-68333
📋 TL;DR
A race condition in the Linux kernel's sched_ext scheduler can cause a deadlock in PREEMPT_RT (real-time) kernels. This vulnerability affects systems running Linux kernels with CONFIG_SCHED_CLASS_EXT=y and CONFIG_PREEMPT_RT=y configurations. The deadlock occurs when deferred IRQ work tries to acquire the same lock that's already held, potentially causing system hangs.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Complete system deadlock requiring hard reboot, leading to denial of service and potential data loss.
Likely Case
System instability or hangs under specific workload conditions, particularly affecting real-time applications.
If Mitigated
Minimal impact if systems are not using PREEMPT_RT or sched_ext scheduler.
🎯 Exploit Status
Exploitation requires triggering specific race conditions in kernel scheduling, making it difficult to weaponize reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel commits: 541959b2fadb832a7d0ceb95041dc52bdcf6bff7, 600b4379b9a7ba41340d652211fb29699da4c629, a257e974210320ede524f340ffe16bf4bf0dda1e
Vendor Advisory: https://git.kernel.org/stable/c/541959b2fadb832a7d0ceb95041dc52bdcf6bff7
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix commits.
2. Rebuild kernel if using custom configuration.
3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable sched_ext scheduler
Remove sched_ext from kernel configuration to avoid the vulnerable code path
Set CONFIG_SCHED_CLASS_EXT=n in kernel configuration
Disable PREEMPT_RT
Use standard kernel instead of real-time variant
Set CONFIG_PREEMPT_RT=n in kernel configuration
🧯 If You Can't Patch
- Monitor system for unexplained hangs or deadlocks
- Avoid workloads that heavily utilize sched_ext scheduler features
🔍 How to Verify
Check if Vulnerable:
Check kernel config (the system is affected only when both options are set to y): grep -E 'CONFIG_SCHED_CLASS_EXT|CONFIG_PREEMPT_RT' /boot/config-$(uname -r)
Check Version:
uname -r
Verify Fix Applied:
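In the git tree the running kernel was built from, check that the history includes the fix commits (full hashes are printed so the match does not depend on git's abbreviation length): git log --format=%H | grep -E '541959b2fadb|600b4379b9a7|a257e9742103'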
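The "Check if Vulnerable" step above, written as a script (an added example, not part of the original advisory): it reports a kernel config as affected only when both CONFIG_SCHED_CLASS_EXT and CONFIG_PREEMPT_RT are `y`, treats `# ... is not set` lines as disabled, and falls back to /proc/config.gz when the /boot file is missing. The function names and output strings are assumptions of this example, and it checks configuration only, not whether the fix commits are present.

```shell
#!/bin/sh
# Added example: classify a kernel config for the CVE-2025-68333 precondition.
# Per the advisory, both options must be enabled (=y) for the deadlock path to exist.

# config_value FILE OPTION -> prints the option's value, or "n" if unset/absent
config_value() {
    # Accept plain or gzip-compressed configs (e.g. /proc/config.gz).
    case "$1" in
        *.gz) gzip -dc "$1" ;;
        *)    cat "$1" ;;
    esac | awk -F= -v opt="$2" '
        $1 == opt { v = $2 }               # "# OPT is not set" never matches
        END { print (v == "" ? "n" : v) }'
}

# exposure FILE -> prints config-affected | config-not-affected | unknown
exposure() {
    [ -r "$1" ] || { echo "unknown"; return 2; }
    ext=$(config_value "$1" CONFIG_SCHED_CLASS_EXT)
    rt=$(config_value "$1" CONFIG_PREEMPT_RT)
    if [ "$ext" = "y" ] && [ "$rt" = "y" ]; then
        echo "config-affected"
    else
        echo "config-not-affected"
    fi
}

# running_config -> prints the path of the running kernel's config, if any
running_config() {
    for f in "/boot/config-$(uname -r)" /proc/config.gz; do
        [ -r "$f" ] && { echo "$f"; return 0; }
    done
    return 1
}

if cfg=$(running_config); then
    echo "$cfg: $(exposure "$cfg")"
else
    echo "no kernel config found; cannot determine exposure" >&2
fi
```

A `config-affected` result means the kernel has the vulnerable configuration; confirm separately that the running kernel contains the fix commits before treating it as unpatched.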
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- System hang events in syslog
- Watchdog timeouts
Network Indicators:
- None - this is a local kernel issue
SIEM Query:
source="kernel" AND ("deadlock" OR "sched_ext" OR "watchdog: BUG")