CVE-2025-40142

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the ALSA PCM subsystem related to interrupt handling on PREEMPT RT systems. Specifically, snd pcm group lock irq() acquires a spinlock, disabling interrupts but not softirqs. On PREEMPT RT kernels, softirqs are preemptible, potentially leading to a deadlock situation involving the softirq ctrl.lock and hrtimer cancel()/hrtimer run softirq() functions. The issue arises because a timer can be invoked during the spinlock operation on the same CPU, causing a lock dependency report. To prevent this potential deadlock, softirqs must be manually disabled before the lock is acquired on PREEMPT RT.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.