Linux Kernel RCU State Management Vulnerability in Cpuidle Code Path

Vulnerability

A vulnerability in the Linux kernel's handling of Read-Copy-Update (RCU) synchronization has been addressed. The issue arose in the cpuidle code path, where improper RCU state management during the __cfi_slowpath_diag function could lead to an invalid RCU state. This mismanagement triggered a warning in the kernel, indicating a problem with the RCU synchronization process. The vulnerability has been resolved by modifying the RCU usage to ensure proper synchronization, only waking up RCU when necessary and disabling interrupts during critical checks.

Impact

The vulnerability could lead to an invalid RCU state, causing potential synchronization issues in the cpuidle code path, which manages CPU idle states.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RCU State Management Vulnerability in Cpuidle Code Path

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating