Linux Kernel Scheduler Extension Vulnerability in Multiple Products
CVE-2025-40260
Currently unrated
What is CVE-2025-40260?
A crash was identified in the Linux kernel's scheduler extension during specific self-test scenarios, particularly when the test runner was forcefully terminated. The issue was traced back to improper error handling in the scx_enable() function, where a dereference of an error pointer occurred due to failure in the initialization of a helper thread. Upon correcting the error handling mechanism, the code now appropriately manages error states, thereby preventing unintended crashes and enhancing system stability.
Affected Version(s)
Linux bff3b5aec1b727b620adc7c47085592802390125 < 625e173e2a59b6cf6cbfb51c0a6bea47f3861eab
Linux bff3b5aec1b727b620adc7c47085592802390125 < 7b6216baae751369195fa3c83d434d23bcda406a
Linux 6.16