ghsa-v7xp-46vw-cxcp
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
sched/deadline: Stop dl_server before CPU goes offline
IBM CI tool reported kernel warning1 when running a CPU removal operation through drmgr2. i.e "drmgr -c cpu -r -q 1"
WARNING: CPU: 0 PID: 0 at kernel/sched/cpudeadline.c:219 cpudl_set+0x58/0x170 NIP [c0000000002b6ed8] cpudl_set+0x58/0x170 LR [c0000000002b7cb8] dl_server_timer+0x168/0x2a0 Call Trace: [c000000002c2f8c0] init_stack+0x78c0/0x8000 (unreliable) [c0000000002b7cb8] dl_server_timer+0x168/0x2a0 [c00000000034df84] __hrtimer_run_queues+0x1a4/0x390 [c00000000034f624] hrtimer_interrupt+0x124/0x300 [c00000000002a230] timer_interrupt+0x140/0x320
Git bisects to: commit 4ae8d9aa9f9d ("sched/deadline: Fix dl_server getting stuck")
This happens since: - dl_server hrtimer gets enqueued close to cpu offline, when kthread_park enqueues a fair task. - CPU goes offline and drmgr removes it from cpu_present_mask. - hrtimer fires and warning is hit.
Fix it by stopping the dl_server before CPU is marked dead.
[sshegde: wrote the changelog and tested it]
{
"affected": [],
"aliases": [
"CVE-2025-40163"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-12T11:15:46Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/deadline: Stop dl_server before CPU goes offline\n\nIBM CI tool reported kernel warning[1] when running a CPU removal\noperation through drmgr[2]. i.e \"drmgr -c cpu -r -q 1\"\n\nWARNING: CPU: 0 PID: 0 at kernel/sched/cpudeadline.c:219 cpudl_set+0x58/0x170\nNIP [c0000000002b6ed8] cpudl_set+0x58/0x170\nLR [c0000000002b7cb8] dl_server_timer+0x168/0x2a0\nCall Trace:\n[c000000002c2f8c0] init_stack+0x78c0/0x8000 (unreliable)\n[c0000000002b7cb8] dl_server_timer+0x168/0x2a0\n[c00000000034df84] __hrtimer_run_queues+0x1a4/0x390\n[c00000000034f624] hrtimer_interrupt+0x124/0x300\n[c00000000002a230] timer_interrupt+0x140/0x320\n\nGit bisects to: commit 4ae8d9aa9f9d (\"sched/deadline: Fix dl_server getting stuck\")\n\nThis happens since:\n- dl_server hrtimer gets enqueued close to cpu offline, when\n kthread_park enqueues a fair task.\n- CPU goes offline and drmgr removes it from cpu_present_mask.\n- hrtimer fires and warning is hit.\n\nFix it by stopping the dl_server before CPU is marked dead.\n\n[1]: https://lore.kernel.org/all/8218e149-7718-4432-9312-f97297c352b9@linux.ibm.com/\n[2]: https://github.com/ibm-power-utilities/powerpc-utils/tree/next/src/drmgr\n\n[sshegde: wrote the changelog and tested it]",
"id": "GHSA-v7xp-46vw-cxcp",
"modified": "2025-11-12T12:30:28Z",
"published": "2025-11-12T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40163"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ab6c0f158508bb16d483add70b73a73f95651c33"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ee6e44dfe6e50b4a5df853d933a96bdff5309e6e"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.