| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025121627-CVE-2025-68168-7341@gregkh> Date: Tue, 16 Dec 2025 14:43:29 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-68168: jfs: fix uninitialized waitqueue in transaction manager From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on read-only filesystems. When a filesystem is mounted read-only, txBegin() returns tid=0 to indicate no transaction. However, txEnd(0) still gets called and tries to access TxBlock[0].waitor via tid_to_tblock(0), but this waitqueue was never initialized because the initialization loop started at index 1 instead of 0. This causes a 'non-static key' lockdep warning and system crash: INFO: trying to register non-static key in txEnd Fix by ensuring all transaction blocks including TxBlock[0] have their waitqueues properly initialized during txInit(). The Linux kernel CVE team has assigned CVE-2025-68168 to this issue. Affected and fixed versions =========================== Fixed in 5.4.302 with commit d6af7fce2e162ac68e85d3a11eb6ac8c35b24b64 Fixed in 5.10.247 with commit 8cae9cf23e0bd424ac904e753639a587543ce03a Fixed in 5.15.197 with commit a2aa97cde9857f881920635a2e3d3b11769619c5 Fixed in 6.1.159 with commit d2dd7ca05a11685c314e62802a55e8d67a90e974 Fixed in 6.6.117 with commit 2a9575a372182ca075070b3cd77490dcf0c951e7 Fixed in 6.12.58 with commit cbf2f527ae4ca7c7dabce42e85e8deb58588a37e Fixed in 6.17.8 with commit 038861414ab383b41dd35abbf9ff0ef715592d53 Fixed in 6.18 with commit 300b072df72694ea330c4c673c035253e07827b8 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-68168 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/jfs/jfs_txnmgr.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/d6af7fce2e162ac68e85d3a11eb6ac8c35b24b64 https://git.kernel.org/stable/c/8cae9cf23e0bd424ac904e753639a587543ce03a https://git.kernel.org/stable/c/a2aa97cde9857f881920635a2e3d3b11769619c5 https://git.kernel.org/stable/c/d2dd7ca05a11685c314e62802a55e8d67a90e974 https://git.kernel.org/stable/c/2a9575a372182ca075070b3cd77490dcf0c951e7 https://git.kernel.org/stable/c/cbf2f527ae4ca7c7dabce42e85e8deb58588a37e https://git.kernel.org/stable/c/038861414ab383b41dd35abbf9ff0ef715592d53 https://git.kernel.org/stable/c/300b072df72694ea330c4c673c035253e07827b8
Powered by blists - more mailing lists