| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n get_random_u32+0x4f/0x110\n clocksource_verify_choose_cpus+0xab/0x1a0\n clocksource_verify_percpu.part.0+0x6b/0x330\n clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled. This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs. The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "kernel/time/clocksource.c" |
| ], |
| "versions": [ |
| { |
| "version": "d9b40ebd448e437ffbc65f013836f98252279a82", |
| "lessThan": "d9c217fadfcff7a8df58567517d1e4253f3fd243", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "7560c02bdffb7c52d1457fa551b9e745d4b9e754", |
| "lessThan": "60f54f0d4ea530950549a8263e6fdd70a40490a4", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "7560c02bdffb7c52d1457fa551b9e745d4b9e754", |
| "lessThan": "852805b6cbdb69c298a8fc9fbe79994c95106e04", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "7560c02bdffb7c52d1457fa551b9e745d4b9e754", |
| "lessThan": "8783ceeee797d9aa9cfe150690fb9d0bac8cc459", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "7560c02bdffb7c52d1457fa551b9e745d4b9e754", |
| "lessThan": "cc3d79e7c806cb57d71c28a4a35e7d7fb3265faa", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "7560c02bdffb7c52d1457fa551b9e745d4b9e754", |
| "lessThan": "0fb534187d2355f6c8f995321e76d1ccd1262ac1", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "7560c02bdffb7c52d1457fa551b9e745d4b9e754", |
| "lessThan": "6bb05a33337b2c842373857b63de5c9bf1ae2a09", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "193e14e68e907b2a7a936a7726accbaa4df25a4d", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "155d3c5d24ee13cafa6236b49fc02b240a511d59", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "kernel/time/clocksource.c" |
| ], |
| "versions": [ |
| { |
| "version": "5.14", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "5.14", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.235", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.179", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.129", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.79", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12.16", |
| "lessThanOrEqual": "6.12.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.13.4", |
| "lessThanOrEqual": "6.13.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.14", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.10.50", |
| "versionEndExcluding": "5.10.235" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.14", |
| "versionEndExcluding": "5.15.179" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.14", |
| "versionEndExcluding": "6.1.129" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.14", |
| "versionEndExcluding": "6.6.79" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.14", |
| "versionEndExcluding": "6.12.16" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.14", |
| "versionEndExcluding": "6.13.4" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.14", |
| "versionEndExcluding": "6.14" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.12.17" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.13.2" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/d9c217fadfcff7a8df58567517d1e4253f3fd243" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/60f54f0d4ea530950549a8263e6fdd70a40490a4" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/852805b6cbdb69c298a8fc9fbe79994c95106e04" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/8783ceeee797d9aa9cfe150690fb9d0bac8cc459" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/cc3d79e7c806cb57d71c28a4a35e7d7fb3265faa" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/0fb534187d2355f6c8f995321e76d1ccd1262ac1" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/6bb05a33337b2c842373857b63de5c9bf1ae2a09" |
| } |
| ], |
| "title": "clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2025-21767", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
