Vulnerability in Linux Kernel Affecting Workqueue Management
CVE-2025-38369
What is CVE-2025-38369?
A vulnerability was identified in the Linux kernel's IDXD driver, in how it manages its workqueue. When IDXD workloads run in a container with the /dev directory mounted, terminating the container's parent process can trigger a call trace or even a kernel panic. The issue arises because, in certain configurations, Docker fails to propagate the mount replica back to the original mount point. Consequently, when the user driver detaches, the workqueue is destroyed, but destroy_workqueue() is still called in an attempt to finish pending work. A check of wq->wq is needed so that the drain is skipped when the workqueue no longer exists.
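The teardown ordering described above can be seen in a small user-space model. This is an added example, not kernel code and not the upstream patch; every type and function name in it is hypothetical, and it assumes that detach clears the pointer when it destroys the workqueue.

```c
#include <stdio.h>
#include <stdlib.h>
/* User-space model only: every name here is hypothetical, not the idxd driver's. */
struct workqueue { int pending; };           /* stand-in for a kernel workqueue */
struct model_wq  { struct workqueue *wq; };  /* models the wq->wq pointer the advisory names */

/* Complete all queued work; returns the number of items finished. */
static int drain(struct workqueue *q) {
    int done = q->pending;
    q->pending = 0;
    return done;
}

static int model_alloc(struct model_wq *w, int pending) {
    w->wq = malloc(sizeof(*w->wq));
    if (!w->wq) return -1;
    w->wq->pending = pending;
    return 0;
}

/* User driver detach: destroys the workqueue. Assumption: it also clears the pointer. */
static void model_detach(struct model_wq *w) {
    if (!w->wq) return;
    drain(w->wq);
    free(w->wq);
    w->wq = NULL;
}

/* Late teardown path. Returns items drained, or -1 when the workqueue is
 * already gone and the drain is skipped. Without the guard, drain() would
 * dereference a destroyed workqueue. */
static int model_release(struct model_wq *w) {
    if (!w->wq) return -1;   /* guard: nothing left to drain */
    return drain(w->wq);
}

/* order 0: detach before release (the advisory's case); order 1: release first. */
int run_scenario(int order) {
    struct model_wq w;
    int r;
    if (model_alloc(&w, 3)) return -2;
    if (order == 0) { model_detach(&w); r = model_release(&w); }
    else            { r = model_release(&w); model_detach(&w); }
    return r;
}

int main(void) {
    printf("detach->release: %d, release->detach: %d\n", run_scenario(0), run_scenario(1));
    return 0;
}
```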
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 98fd66c8ba77e3a7137575f610271014bc0e701f