ghsa-35pf-3h4j-jg2m
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
jfs: fix uninitialized waitqueue in transaction manager
The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on read-only filesystems.
When a filesystem is mounted read-only, txBegin() returns tid=0 to indicate no transaction. However, txEnd(0) still gets called and tries to access TxBlock[0].waitor via tid_to_tblock(0), but this waitqueue was never initialized because the initialization loop started at index 1 instead of 0.
This causes a 'non-static key' lockdep warning and system crash: INFO: trying to register non-static key in txEnd
Fix by ensuring all transaction blocks including TxBlock[0] have their waitqueues properly initialized during txInit().
{
"affected": [],
"aliases": [
"CVE-2025-68168"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-16T14:15:48Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix uninitialized waitqueue in transaction manager\n\nThe transaction manager initialization in txInit() was not properly\ninitializing TxBlock[0].waitor waitqueue, causing a crash when\ntxEnd(0) is called on read-only filesystems.\n\nWhen a filesystem is mounted read-only, txBegin() returns tid=0 to\nindicate no transaction. However, txEnd(0) still gets called and\ntries to access TxBlock[0].waitor via tid_to_tblock(0), but this\nwaitqueue was never initialized because the initialization loop\nstarted at index 1 instead of 0.\n\nThis causes a \u0027non-static key\u0027 lockdep warning and system crash:\n INFO: trying to register non-static key in txEnd\n\nFix by ensuring all transaction blocks including TxBlock[0] have\ntheir waitqueues properly initialized during txInit().",
"id": "GHSA-35pf-3h4j-jg2m",
"modified": "2025-12-16T15:30:44Z",
"published": "2025-12-16T15:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68168"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/038861414ab383b41dd35abbf9ff0ef715592d53"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2a9575a372182ca075070b3cd77490dcf0c951e7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/300b072df72694ea330c4c673c035253e07827b8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8cae9cf23e0bd424ac904e753639a587543ce03a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a2aa97cde9857f881920635a2e3d3b11769619c5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cbf2f527ae4ca7c7dabce42e85e8deb58588a37e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d2dd7ca05a11685c314e62802a55e8d67a90e974"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d6af7fce2e162ac68e85d3a11eb6ac8c35b24b64"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.