Volerion logoVolerion
Volerion logoVolerion

Linux Kernel CPU Offline Vulnerability in Deadline Scheduler

Vulnerability

A vulnerability in the Linux kernel's scheduling system can lead to a warning when a CPU is removed. This issue occurs because the deadline server's timer can trigger a warning after the CPU has been marked for removal, creating a race condition. The vulnerability affects the Linux kernel's stable versions.

Impact

The vulnerability can cause kernel warnings and disrupt the proper removal of CPUs, potentially leading to instability in systems that manage CPU resources dynamically.

Reproduction

The vulnerability can be reproduced by removing a CPU using the 'drmgr' tool, which triggers a warning related to the deadline scheduler. This process involves parking a task on the deadline server just before the CPU is taken offline, creating a timing issue that the kernel warning reflects.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Nov 12, 2025, 11:31 AM
Updated: Nov 12, 2025, 4:55 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
3.9
remediation
7.7
relevance
1.0
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.