Race Condition in Linux Kernel Affecting Configurations in Subsystems

CVE-2025-68319

What is CVE-2025-68319?

A race condition was identified in the Linux kernel when navigating over the userdata configurations. The vulnerability arises during concurrent additions or removals of userdata items in the configfs hierarchy. Specifically, the iteration over the cg_children list risks accessing it in an inconsistent state without proper locking. The fix involves acquiring the necessary mutex, ensuring that all operations that traverse the cg_children list are completed safely without conflicting modifications. Proper mutex handling prevents endless loop scenarios during system operations, enhancing the kernel's reliability and security.

References