Linux Kernel Scheduler Lock Vulnerability in SCX Operations Bypass

Vulnerability

A vulnerability in the Linux kernel's scheduler has been addressed by changing the locking call used in the SCX operations bypass function. Previously, the function used rq_lock() to acquire locks while iterating through CPUs, which could trigger warnings if a CPU was offline or was handling a task in a higher scheduler class, such as deadline. rq_lock() is intended for online CPUs only. Switching to raw_spin_rq_lock() prevents these unnecessary warnings and aligns the locking behavior with the CPU's state.

Impact

The vulnerability could cause misleading warnings about the CPU's scheduling state, potentially obscuring real issues that need attention.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.0
remediation: 7.7
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.