Linux Kernel EEVDF Scheduler Vulnerability Leading to Crash

A vulnerability in the Linux kernel's EEVDF scheduler can cause a crash by improperly handling the scheduling slice of entities. When a delayed group entity is dequeued, its slice can be set to U64_MAX, especially if it has no queued tasks. This incorrect slice value disrupts subsequent scheduling calculations, leading to an overflow and causing the system to crash. The issue arises in the 'dequeue_entities()' function, particularly when managing delayed entities and their parents' scheduling states.

Impact

Exploiting this vulnerability can cause a system crash by disrupting the scheduling entity's virtual runtime calculations, leading to an overflow and a dereference error.

Reproduction

The vulnerability can be reproduced by creating a delayed group entity and then dequeuing it while its parent's dequeue is also delayed. This sequence of actions causes the entity's slice to be set to U64_MAX, which then interferes with the scheduling calculations and eventually leads to a crash.

Remediation

The vulnerability has been fixed in the official Linux Git repository. Users should upgrade to the latest version.