CVE-2025-68336

locking/spinlock/debug: Fix data-race in do_raw_write_lock

Severity Score

4.7

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: locking/spinlock/debug: Fix data-race in do_raw_write_lock KCSAN reports: BUG: KCSAN: data-race in do_raw_write_lock / do_raw_write_lock write (marked) to 0xffff800009cf504c of 4 bytes by task 1102 on cpu 1: do_raw_write_lock+0x120/0x204 _raw_write_lock_irq do_exit call_usermodehelper_exec_async ret_from_fork read to 0xffff800009cf504c of 4 bytes by task 1103 on cpu 0: do_raw_write_lock+0x88/0x204 _raw_write_lock_irq do_exit call_usermodehelper_exec_async ret_from_fork value changed: 0xffffffff -> 0x00000001 Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 1103 Comm: kworker/u4:1 6.1.111 Commit 1a365e822372 ("locking/spinlock/debug: Fix various data races") has
adressed most of these races, but seems to be not consistent/not complete. >From do_raw_write_lock() only debug_write_lock_after() part has been
converted to WRITE_ONCE(), but not debug_write_lock_before() part.
Do it now.

In the Linux kernel, the following vulnerability has been resolved: locking/spinlock/debug: Fix data-race in do_raw_write_lock KCSAN reports: BUG: KCSAN: data-race in do_raw_write_lock / do_raw_write_lock write (marked) to 0xffff800009cf504c of 4 bytes by task 1102 on cpu 1: do_raw_write_lock+0x120/0x204 _raw_write_lock_irq do_exit call_usermodehelper_exec_async ret_from_fork read to 0xffff800009cf504c of 4 bytes by task 1103 on cpu 0: do_raw_write_lock+0x88/0x204 _raw_write_lock_irq do_exit call_usermodehelper_exec_async ret_from_fork value changed: 0xffffffff -> 0x00000001 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 1103 Comm: kworker/u4:1 6.1.111 Commit 1a365e822372 ("locking/spinlock/debug: Fix various data races") has adressed most of these races, but seems to be not consistent/not complete. >From do_raw_write_lock() only debug_write_lock_after() part has been converted to WRITE_ONCE(), but not debug_write_lock_before() part. Do it now.

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the oldstable distribution (bookworm), these problems have been fixed in version 6.1.162-1.

*Credits: N/A

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-12-16 CVE Reserved
2025-12-22 CVE Published
2026-02-09 CVE Updated
2026-02-28 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (14)

URL	Tag	Source
https://git.kernel.org/stable/c/1a365e822372ba24c9da0822bc583894f6f3d821	Vuln. Introduced
https://git.kernel.org/stable/c/3106fb78d3579c8e9c9b3040f7f7841981919624	Vuln. Introduced
https://git.kernel.org/stable/c/c0911024ff927ba5c4786b507004cb615be1d776	Vuln. Introduced
https://git.kernel.org/stable/c/09226e5c38639437565af01e6009a9286a351d04	Vuln. Introduced
https://git.kernel.org/stable/c/c7673f01604fa722b9d7c1e29e17cec1b8ae09c5	Vuln. Introduced
https://git.kernel.org/stable/c/c120c3dbeb76305235c8e557f84d9e2d7d0f5933	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/8e5b2cf10844402054b52b489b525dc30cc16908	2026-01-19
https://git.kernel.org/stable/c/c228cb699a07a5f2d596d186bc5c314c99bb8bbf	2026-01-19
https://git.kernel.org/stable/c/93bd23524d63deb80fb85beb2e43fafeb1043d0f	2026-01-11
https://git.kernel.org/stable/c/39d2ef113416f1a4205b03fb0aa2e428d1412c77	2026-01-11
https://git.kernel.org/stable/c/b163a5e8c703201c905d6ec7920ed79d167e8442	2025-12-12
https://git.kernel.org/stable/c/16b3590c0e1e615757dade098c8fbc0d4f040c76	2025-12-12
https://git.kernel.org/stable/c/396a9270a7b90886be501611b13aa636f2e8c703	2025-12-12
https://git.kernel.org/stable/c/c14ecb555c3ee80eeb030a4e46d00e679537f03a	2025-10-21

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.10.248 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.248"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.15.198 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.15.198"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.1.160 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.1.160"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.6.120 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.6.120"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.12.62 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.12.62"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.17.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.17.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.18.1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.18.1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.4.209 Search vendor "Linux" for product "Linux Kernel" and version "4.4.209"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.9.209 Search vendor "Linux" for product "Linux Kernel" and version "4.9.209"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.14.164 Search vendor "Linux" for product "Linux Kernel" and version "4.14.164"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.19.95 Search vendor "Linux" for product "Linux Kernel" and version "4.19.95"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.4.11 Search vendor "Linux" for product "Linux Kernel" and version "5.4.11"		en		Affected